Challenges of Information Security Incident Learning: An Industrial Case Study in a Chinese Healthcare Organisation

Date

2017-01-09

Advisors

Journal Title

Journal ISSN

ISSN

Volume Title

Publisher

Taylor and Francis

Type

Article

Peer reviewed

Yes

Abstract

Security incidents can have negative impacts on healthcare organisations and the security of medical records has become a primary concern of the public. However, previous studies showed that organisations had not effectively learned lessons from security incidents. Incident learning as an essential activity in the “follow-up” phase of security incident response lifecycle, has long been addressed but not given enough attention. This paper conducted a case study in a healthcare organisation in China to explore their current obstacles in the practice of incident learning. We interviewed both IT professionals and healthcare professional. The results showed that the organisation did not have a structured way to gather and redistribute incident knowledge. Incident response was ineffective in cycling incident knowledge back to inform security management. Incident reporting to multiple stakeholders faced a great challenge. In response to this case study, we suggest the security assurance modelling framework to address those obstacles.

Description

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.

Keywords

information security, incident response, incident learning, healthcare, security assurance modelling

Citation

He, Y. and Johnson, C. (2017) Challenges of Information Security Incident Learning: An Industrial Case Study in a Chinese Healthcare Organisation. Informatics for Health and Social Care, 42 (4), pp. 393-408

Rights

Research Institute

Cyber Technology Institute (CTI)