• Login
    View Item 
    •   DORA Home
    • Faculty of Computing, Engineering and Media
    • School of Computer Science and Informatics
    • View Item
    •   DORA Home
    • Faculty of Computing, Engineering and Media
    • School of Computer Science and Informatics
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Improving the redistribution of the security lessons in healthcare: An evaluation of the Generic Security Template

    Thumbnail
    View/Open
    IJMI2015pdf.pdf (307.8Kb)
    Date
    2015-08-24
    Author
    He, Ying;
    Johnson, Chris
    Metadata
    Show attachments and full item record
    Abstract
    Context. The recurrence of past security breaches in healthcare showed that lessons had not been e effectively learned across different healthcare organisations. Recent studies have identified the need to improve learning from incidents and to share security knowledge to prevent future attacks. Generic Security Templates (GSTs) have been proposed to facilitate this knowledge transfer. The objective of this paper is to evaluate whether potential users in healthcare organisations can exploit the GST technique to share lessons learned from security incidents. Methodology. We conducted a series of case studies to evaluate GSTs. In particular, we used a GST for a security incident in the US Veterans’ A airs Administration to explore whether security lessons could be applied in a very differnt Chinese healthcare organisation. Results. The results showed that Chinese security professional accepted the use of GSTs and that cyber security lessons could be transferred to a Chinese healthcare organisation using this approach. The users also identified the weaknesses and strengths of GSTs, providing suggestions for future improvements. Conclusion. Generic Security Templates can be used to redistribute lessons learned from security incidents. Sharing cyber security lessons helps organisations consider their own practices and assess whether applicable security standards address concerns raised in previous breaches in other countries. The experience gained from this study provides the basis for future work in conducting similar studies in other healthcare organisations.
    Description
    The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.
    Citation : He, Y. and Johnson, C. (2015) Improving the redistribution of the security lessons in healthcare: An evaluation of the Generic Security Template. International Journal of Medical Informatics, 84 (11), pp. 941-949
    URI
    http://hdl.handle.net/2086/13183
    DOI
    http://dx.doi.org/10.1016/j.ijmedinf.2015.08.010
    Research Institute : Cyber Technology Institute (CTI)
    Peer Reviewed : Yes
    Collections
    • School of Computer Science and Informatics [2679]

    Submission Guide | Reporting Guide | Reporting Tool | DMU Open Access Libguide | Take Down Policy | Connect with DORA
    DMU LIbrary
     

     

    Browse

    All of DORACommunities & CollectionsAuthorsTitlesSubjects/KeywordsResearch InstituteBy Publication DateBy Submission DateThis CollectionAuthorsTitlesSubjects/KeywordsResearch InstituteBy Publication DateBy Submission Date

    My Account

    Login

    Submission Guide | Reporting Guide | Reporting Tool | DMU Open Access Libguide | Take Down Policy | Connect with DORA
    DMU LIbrary