Influence of Human Factors on Cyber Security within Healthcare Organisations: A Systematic Review

Nifakos, Sokratis; Chandramouli, Krishna; Nikolaou, Charoula Konstantina; Papachristou, Panagiotis; Koch, Sabine; Panaousis, Emmanouil; Bonacina, Stefano

doi:10.3390/s21155119

Cited by 126 publications

(90 citation statements)

References 73 publications

(230 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The SECANT plafofrm will be validated through four different Pilot Use Cases that are aiming (i) to validate SECANT's ability to improve transportation safety and ensure zero-error delivery of patients transported using timeconstraint Emergency Medical Services (Protecting the connected ambulance of the future), (ii) to validate SECANT's efficiency to deal with cascading effects of cyber threats and with propagated vulnerabilities in connected healthcare infrastructures, as well as in remote healthcare settings (Cyber security for connected medical devices and mobile applications [23], [24]), (iii) To validate the capabilities of SECANT to ensure privacy, data protection and accountability when operational data is being exchanged within the healthcare supply chain (Health data protection in the healthcare supply chain) and (iv) to validate the capabilities of SECANT's cyber security training modules and critical infrastructure cyber range (Cyber Security training). These Pilot Use Cases will be further discussed on separate papers that are under preparation.…”

Section: Use Casesmentioning

confidence: 99%

ICT in Healthcare: the role of IoT and the SECANT solution

Caballero¹,

Kavallieros²,

Spyros³

et al. 2022

2022 IEEE International Conference on Cyber Security and Resilience (CSR)

View full text Add to dashboard Cite

The industrial sector is experiencing an unprecedented number of changes in recent years. New models of remote delivery, especially in complex ICT infrastructures such as healthcare, increase the potential impact of cybersecurity breaches to a level that has not been experienced before. This paper presents the SECurity And privacy protectioN in internet of Things devices (SECANT) project, an EU-H2020 project aimed to strengthen the understanding of risks, at both human and technical level through the delivery of a holistic framework for cyber security risk assessment for enhancing the digital security, privacy, and personal data protection in complex ICT infrastructures, such in the healthcare ecosystem. The SECANT platform will implement a collaborative threat intelligence collection, analysis and sharing, an innovative risk analysis specifically designed for interconnected nodes of an industrial ecosystem, a cuttingedge trust and accountability mechanisms for data protection and a security awareness training for more informed security choices. This platform will be demonstrated and validated across four operational pilots reflecting different real-life business cases.

show abstract

Section: Use Casesmentioning

confidence: 99%

ICT in Healthcare: the role of IoT and the SECANT solution

Caballero¹,

Kavallieros²,

Spyros³

et al. 2022

2022 IEEE International Conference on Cyber Security and Resilience (CSR)

View full text Add to dashboard Cite

show abstract

“…Additionally, due to very open nature of community and social healthcare settings it is very difficult to implement data access and usage related controls. Nifakos et al (2021) in their research analyzed the impact of human factors on cybersecurity in healthcare organizations and suggested that successful adoption of digital transformation strategies in the healthcare industry depends upon the successful acceptance among healthcare professionals toward addressing risks posed by cyber threats. Therefore, it is important to provide cyber-security awareness and training to healthcare professionals (Nifakos et al, 2021).…”

Section: Challenges In Information Security and Privacymentioning

confidence: 99%

Integrated care with digital health innovation: pressing challenges

Pant

Bhatia

Pant³

2022

JICA

View full text Add to dashboard Cite

PurposeDigital health care has emerged as one of the most important means to deliver integrated care by care providers in recent years. As the use of digital health increases, there are some pressing issues such as interoperability of data across different healthcare information systems, regulatory environment and security and privacy of patient’s information which need to be discussed and addressed in order to reduce information silos and to ensure efficient and seamless use of digital health technologies. The purpose of this paper is to address these issues.Design/methodology/approachIn this paper the authors outline the key concepts of interoperability, key challenges pertaining in achieving interoperability and concepts of security and privacy in context of digital health models of integrated care.FindingsThe study suggests that standardization of digital health information systems and connecting existing systems to health network, addressing privacy and security related issues through a comprehensive but supportive regulatory environment and educating citizens and healthcare providers are some of the ways to achieve effective use of digital health in models of integrated care.Originality/valueAlthough the concepts of privacy and interoperability are not new, however, as per best of the authors’ knowledge, this is the first attempt to discuss the challenges and possible actions to meet the objective of achieving integrated care through digital innovation.

show abstract

“…While there are a range of technical vulnerabilities that can be exploited through cyberattack, the greatest vulnerability is the human element—that is, the manipulation of the clinician, such as the nurse, to gain access to the digital infrastructure. This type of attack—known as social engineering —is increasingly sophisticated and often involves targeting specific nurses through their social media profiles (Nifakos et al, 2021). These attacks are successful because nurses are often overworked in resource constrained environments (Nifakos et al, 2021).…”

Section: Introductionmentioning

confidence: 99%

“…This type of attack—known as social engineering —is increasingly sophisticated and often involves targeting specific nurses through their social media profiles (Nifakos et al, 2021). These attacks are successful because nurses are often overworked in resource constrained environments (Nifakos et al, 2021). Therefore, a key concern of nurse managers should be to consider workload in terms of the degree increases cyberattack vulnerabilities.…”

Section: Introductionmentioning

confidence: 99%

Preparing for hybrid warfare and cyberattacks on health services' digital infrastructure: What nurse managers need to know

Wells

2022

J Nursing Management

View full text Add to dashboard Cite

Aim This article aims to outline the key concepts in hybrid warfare and cyberattack to better inform nurse managers in their strategic contribution to the defence of critical digital infrastructure. Background Hybrid warfare often targets a nation's critical digital infrastructure including that of health services. Hybrid warfare against national health services, primarily through cyberattack, is likely to increase in a more destabilized and conflictual international environment. Evaluation Key literature, reports and assessments on hybrid warfare, advanced persistent threats and cyberattack referenced to health services were analysed. Key issue Health services are a key element of a nation's critical digital infrastructure and as such are a strategic target in hybrid warfare. Cyberattack through exploiting clinicians', such as nurses, online susceptibilities is a key route of attack. Nurse managers, to be effective planners, need to be fully informed about the context and specific nature of cyberattack. Conclusion(s) Articles about the relationship between hybrid warfare and cyberattack on health services digital infrastructure are rarely aimed at nurse managers. Implications for Nursing Management Nurse managers need to be fully informed about the geopolitical nature of cyberattacks if they are to be fully consulted and listened to in response planning in defence of health services' digital infrastructure.

show abstract

Influence of Human Factors on Cyber Security within Healthcare Organisations: A Systematic Review

Cited by 126 publications

References 73 publications

ICT in Healthcare: the role of IoT and the SECANT solution

ICT in Healthcare: the role of IoT and the SECANT solution

Integrated care with digital health innovation: pressing challenges

Preparing for hybrid warfare and cyberattacks on health services' digital infrastructure: What nurse managers need to know

Contact Info

Product

Resources

About