Integrated cybersecurity methodology and supporting tools for healthcare operational information systems

dc.cclicenceCC-BY-NC-NDen
dc.contributor.authorCoutinho, Bruno
dc.contributor.authorFerreira, Joao
dc.contributor.authorYevseyeva, Iryna
dc.contributor.authorBasto-Fernandes, Vitor
dc.date.acceptance2023-03-17
dc.date.accessioned2023-05-09T10:46:06Z
dc.date.available2023-05-09T10:46:06Z
dc.date.issued2023-03-20
dc.descriptionThe file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.en
dc.description.abstractThe recent increase in cybersecurity threats and cyberattacks impact organizations at various levels, including business-critical processes, and compromises business continuation and organizations survival. The cybersecurity of the healthcare sector, considered in many countries as critical national infrastructure, is addressed with particular interest, and focus in this study. We propose an integrated cybersecurity methodology and supporting tools for healthcare operational information systems. The artifact named Cyber.SCuris is developed to complement cyber threat intelligence and incident response life cycle and standards such as NIST SP800. The proposed methodology and supporting tools are designed to operate in critical networks and medical contexts, to detect unexpected behavior and prevent cybersecurity breaches in areas as sensitive as the clinical process of healthcare institutions operational information systems. We present an use case based demonstration scenario, integrating medical practice systems, such as a Picture Archiving and Communication System (Orthanc Server/ONIS Viewer software using the Digital Imaging and Communications in Medicine standard), a Security Information and Event Management system (Splunk software) and an Incident Handling and Resolution System (TheHive software), illustrating the adoption of the methodology and corresponding tools, for incident response life cycle management in the context of cyberattacks to healthcare institutions infrastructures. The methodology is adjustable, technology agnostic, and customizable to the integration of more and different systems, according to business/information systems processes, and maturity of healthcare institutions. This work benefited from organizational, technical and industry standards guidance and advise from a Portuguese university medical center.en
dc.funderNo external funderen
dc.identifier.citationCoutinho, B., Ferreira, J., Yevseyeva, I., Basto-Fernandes V. (2023) Integrated cybersecurity methodology and supporting tools for healthcare operational information systems. Computers & Security, 129, 103189en
dc.identifier.doihttps://doi.org/10.1016/j.cose.2023.103189
dc.identifier.urihttps://hdl.handle.net/2086/22865
dc.language.isoenen
dc.peerreviewedYesen
dc.publisherElsevieren
dc.researchinstituteCyber Technology Institute (CTI)en
dc.subjectCybersecurityen
dc.subjectHealthcare information systemen
dc.subjectConnected medical devicesen
dc.subjectIntrusion detectionIncident Handlingen
dc.subjectIncident Responseen
dc.titleIntegrated cybersecurity methodology and supporting tools for healthcare operational information systemsen
dc.typeArticleen

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Manuscript-Computers-and-Security_Revised-Version.pdf
Size:
3.42 MB
Format:
Adobe Portable Document Format
Description:
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
4.2 KB
Format:
Item-specific license agreed upon to submission
Description: