Cybersecurity in Digital Healthcare Services

ABSTRACT

Understanding cybercrime is very challenging for organizations. The sheer complexity of the massive healthcare technology and services landscape involved makes it even more difficult to analyse and understand cybercrime. A systematic and research-based approach is needed to create a comprehensive catalogue of cybercrime in healthcare and thereby offer support and intellectual help to healthcare service organizations facing the challenge of healthcare cybercrime. The aim of this research paper is to identify cybersecurity challenges in healthcare organizations that have digitally transformed or are amid digital transformation and provide a practical approach to address these challenges.

This research includes real-life cybercrime incidents and reviews the details of how cyber threats exploit vulnerabilities in human, technological systems, or procedural methods. The research includes the following:

- In-depth review of cybercrime in healthcare service organizations, and
- Approach to address the cybersecurity challenges faced by healthcare service organizations.

METHODS

The scoping review for this research was performed by searching scientific publications in PubMed using the search formula "(Cybersecurity AND Healthcare)." Additional reports, articles, and technology industry papers and documents were also included based on their relation to published work or the relevance to this research. As the field of cybercrime is dynamic and ever-changing, this research focused on current issues, challenges, and solutions. Therefore, only articles published in the English language in the last 5 years (from 2019 to 2023) were included.

RESULTS

This research work identified 10 key cybersecurity challenges faced by healthcare service businesses, 6 key cybersecurity approaches that healthcare service organizations can adopt, and 5 key areas that require further strengthening. The research also includes the most frequently used methods of cyberattacks, based on the Verizon Data Breach Investigation Report.

CONCLUSIONS:

This research identifies the latest high-impact cyberattack methods that targeted healthcare service businesses in the last 5 years. It also identifies the latest cybersecurity challenges in healthcare service businesses, along with corresponding solutions and areas for further improvement.

KEYWORDS

Cybersecurity, Vulnerability, Threat, Risk, Ransomware, Virus, Phishing, Zero-Trust Access.

1. INTRODUCTION

1.1 Background

Cybersecurity challenges in digital healthcare services are a strategic imperative. It is of utmost importance for healthcare service organizations to protect the confidentiality, integrity, and availability of patient data, as well as to comply with industry regulations. Healthcare organizations have been a soft target for cybercriminals for many years. There are several key reasons why healthcare organizations are viewed as attractive targets, including: a) a wider unprotected attack surface, b) the presence of high-value personal health information, and c) the immature cyber defenses.

Each data breach in healthcare services potentially exposes personal health information, leading to long-lasting reputational damage, not to mention the possibility of regulatory fines. As a result, this creates fear, uncertainty, and doubt in the minds of healthcare business leaders.

1.2 Rationale

Many researchers have conducted literature reviews on cybersecurity in the health sector. Umar Yusuf Kabir et al [1] systematically reviewed the trends and best practices in healthcare cybersecurity. Bhuyan SS et al [2] performed a systematic review and recommended ways to transform healthcare cybersecurity from reactive to proactive, as well as suggested future directions for the health sector. Wasserman et al [3] systematically reviewed major topics and concerns in today's hospital cybersecurity field, specifically targeting non-cyber professionals working in hospital settings. Fleury B et al [4] systematically reviewed and explained the potential risks associated with passwords, suspicious emails, specific websites, or USB flash drives related to information systems used in healthcare organizations.

However, there is limited research on conducting an in-depth review of cybercrime incidents, threat vectors, vulnerabilities, and risks as healthcare organizations undergo rapid and radical changes in the delivery of healthcare services. This is primarily due to the digital transformation that extends beyond the traditional network perimeter, involving patients, clinics, partners, and consulting physicians. As the pace of change accelerates, traditional cybersecurity methods are proving insufficient, and new measures are required to combat cybercrime in the healthcare sector. None of the aforementioned authors have specifically focused on the formulation of cybercrime prevention policies necessary in digital healthcare organizations to ensure user awareness and compliance with legal frameworks associated with healthcare cybercrime incidents.

1.3 Objective

Through a scoping review and systematic research-based approach, this paper aims to create a comprehensive catalogue of cybercrime in healthcare, offering support and intellectual assistance to healthcare service organizations facing the challenge of healthcare cybercrime. The objective of this research paper is to identify cybersecurity challenges in healthcare and provide administrative, technological, and physical security controls to address them. Additionally, this research intends to develop a comprehensive catalogue of cybercrime and prevention techniques specifically tailored to the healthcare services industry.

2. METHODS

2.1 Protocol and Registration

The review was conducted following the Preferred Reporting Items for Systematic Reviews and Meta-Analyses Extension for Scoping Reviews (PRISMA-ScR) checklist, as proposed by the Joanna Briggs Institute [16]. The purpose of the review was to identify cybersecurity challenges in healthcare organizations.

2.2 Information Sources

A detailed search was conducted in the medical publication database called PubMed to identify relevant documents. This search encompassed original research papers as well as review papers.

2.3 Search and Eligibility Criteria

The search formula "(Cybersecurity AND Healthcare)" was employed to search for relevant documents. The articles selected were required to have a core focus on healthcare cybersecurity.

Only articles published in the English language within the last 5 years (from 2019 to 2023) were included to concentrate on current and pertinent cybersecurity challenges and their associated solutions. Additionally, additional reports, articles, and technology industry papers and documents were incorporated if they were related to the published work or deemed necessary for this research.

2.4 Selection of Sources of Evidence

The selection process is depicted in Figure 1. The search results were exported and analyzed on the researcher's computer. The author examined the title and abstract of each paper. Initially, a total of 1370 research papers were identified and screened. Through the initial review based on the article type "Review and Systematic Review," the number was reduced to 259 papers. A subsequent review of titles further narrowed it down to 72 papers.

Next, the first exclusion review was conducted based on the cybersecurity and healthcare core elements present in the titles. This resulted in a reduced count of 18 papers eligible for a full-text review.

Following that, the second exclusion review was performed, focusing on the cybersecurity and healthcare core aspects. However, this time, the abstract and full paper content were reviewed in detail. Finally, this led to the selection of 8 papers that specifically focused on cybersecurity in healthcare. The PRISMA-ScR diagram is presented in Figure 1.

Abbildung in dieser Leseprobe nicht enthalten

Figure 1: PRISMA-ScR (larger version in Appendix 1)

2.5 Data Charting process

The data were extracted and stored in a standardized Microsoft Excel (Microsoft Corp) form. This was an iterative process whereby the charting table is continually updated. Data charting was carried out both independently and collectively by at least two authors to ensure the quality of the extracted key findings from the literature before being used in the analysis.

2.6 Data Items

The important data items that such as title, abstract, authorship, aims, key findings in reference to objectives, evidence document, document type, and year of publication were extracted.

2.7 Critical Review Within Sources of Evidence

Critical review was performed by the author’s co-researcher to ensure that the sources of evidence were relevant, up to date, and from reputable sources. Author also validated the findings based on the industry practices used by organisations over the years.

2.8 Synthesis of Results

In this research, the information was aggregated from the selected papers, and healthcare industry reference sources, and results were presented in tabular and descriptive format in alignment with objective of research.

3. RESULTS

Author observed and explained the following themes across the selected literature and industry reference material: (1) state of healthcare services, (2) healthcare services cyber-attacks, (3) healthcare cybersecurity challenges, and (4) healthcare cybersecurity controls.

3.1 State of Digital Healthcare Services

The healthcare services organisations collect, process and store tremendous amounts of personal health information to provide services. Normally these organisations lack the requires resources, cutting-edge cyber technologies, and 24x7 cybersecurity operations, let alone the mature cyber practices such as internal audits, and information risk management.

The healthcare services organisations are increasingly relying on network connectivity to provide digital healthcare services. These organisations are deploying internet connected medical devices and applications often with without proper cybersecurity and privacy considerations [11]. A mobile phone that was traditionally used to inform a patient to visit the physician for consultation, is now used to receive consultation with physician over a video call while the same phone allows access to sensitive medical report to patient and physician.

As the digital transformation is on the prime agenda, often digital healthcare organisations are using opportunistic approach to cybersecurity and deploying minimum security controls to achieve compliance. Instead of using this opportunity to develop a strategic security plan that manages cyber risks in digital healthcare world, organisations are overwhelmed with competing operational priorities caused by complexity of digital services [14].

The digital transformation has led to proliferated use of computing devices such as laptops, desktops, notepads, mobile phones, and smart wearables, a traditional ransomware threat has further evolved with data exfiltration capabilities in addition to crypto-locker capabilities.

This all amid and after the Covid-19 pandemic has made the problem worst as post Covid-19 era requires healthcare services employees, suppliers, and customer to from office as well as remote locations.

Finally, the healthcare organisations are not aware of cybersecurity risks at multiple levels. Right from the top leadership to middle management, healthcare organisations lack the strategic cybersecurity planning. Enormous growth pressure has led organisations prioritizing the customer requirements over compliance and cybersecurity requirements. The cost reduction priorities due to inflation has led to re-prioritizing, if not de-prioritizing, the cybersecurity subject matter expert’s training needs, let alone the employee awareness on phishing, spam, Trojans, viruses, ransomware, email security practices, web security practices, password practices, etc [12] [13].

The bad news is that threat actors know all of this, and this makes digital healthcare services organisations a soft yet attractive target for cybercriminals.

3.2 Healthcare Services Cyber Attacks

The average cost of a healthcare breach in the United States has increased by 41% and has become 10.1 million dollars, according to IBM’s 2022 Cost of a Data Breach Report [5].

As per Verizon Data Breach Investigation Report 2022 [6], out of 849 incidents, 571 incident confirmed data disclosure in year 2022. The top patterns in these incidents were noted as basic web application attacks, miscellaneous errors and system intrusion represented 76% of breaches. 61% threat actors were external while, 39% were internal threat actors in all data breaches. 58% of these breaches included the personal information and 46% included personal medical information.

As reported in October 2022 OCR Cybersecurity Newsletter published by US Department of Health and Human Services, in year 2022, the healthcare services organisations exposed more than 50.4 million patient records that were exposed in year 2021. Year 2020, 2021 and 2022 have been very difficult for most of the organisations to protect their data, particularly for healthcare as the cybercrime incidents hit record high in year 2021 - more than 50.4 million patient records were breached [8].

The following table shows the 267 reported cyberattacks that successfully led to data breach in healthcare industry and were reported to US Department of Health and Human Services [8]. The table was then used by the author to prepare the common challenges faced by healthcare services organisations.

Table can be found in Appendix 2.

3.3 Healthcare Cybersecurity Challenges

The compressive review of 267 reported cyberattacks that successfully led to data breach in healthcare industry and were reported to US Department of Health and Human Services [8] provides the following 10 key cybersecurity challenges in healthcare service business. These are explained as following:

3.3.1. Ransomware:

Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or permanently block access to it unless a ransom is paid off. While some simple ransomware may lock the system without damaging any files, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them . In healthcare services business, the ransomware has become #1 cyber risk to be addressed from CEO’s perspective as Ransomware alone breached 12,055,215 individual’s records across 58 healthcare services organisations. This is the highest number of individuals affected among all types of cybersecurity challenges faced by healthcare services organisations [8].

3.3.2. Malware Infection:

Like ransomware, Malware infection can render the computer compromised, remotely controlled by cybercriminals, and destroy or steal the data. Arcare was infected by malware and 34535 individual’s records were affected by the malware infection [8].

3.3.3. Unauthorized Access on Electronic Health Record (HER) System:

Most often the access management procedures are not maintained or updated in healthcare services organisations. This typically happens in digitally transforming or transformed technology environments as the need for innovation often hinders the need for appropriate procedures. Apart this, EHR systems are not scanned to identify and remediate vulnerabilities. This specific cybersecurity challenged faced by healthcare organisation impacted 1,116,170 individual’s records across 18 healthcare services organisations [8].

3.3.4. Vulnerable Web Services and Database Compromise:

As healthcare services organisations digitally transform the technological landscape, they are required to run web-based services such as APIs, Mobile Apps, Mobile Web Sites and Web Portals. All of these require internet facing web services and various integrations. 4 healthcare services organisations were compromised leading to 1,408,763 individual’s records [8].

3.3.5. Vulnerable cloud portal and Microsoft 365 Environment:

Cloud adoption is increasing in healthcare business applications and internal communication. O365 has been adopted by many organisations for email, chat, and many other collaboration services. In correct configurations, and internet exposure of cloud platforms and M365 services requires a thorough review and secure configuration. 2 healthcare services organisations were compromised leading to 239,948 individual’s records [8].

3.3.6. PHI Theft by Former Employee:

Most often employees with access to Personal Health Information (PHI) are often the employees who understand the value of PHI. If sufficient controls are not implemented by healthcare services organisation, PHI theft by employee can be a significant challenge with almost unlimited data access. no limit to data. Hospital Authority of Valdosta and Lowndes County Georgia reported 41,692 individual’s records as compromised due to former employee data theft.

3.3.7. Business Email Compromise:

Business email compromise (BEC) is a type of email scam in which an attacker targets a business to defraud the company [10]. BEC scams have exposed many organisations to billions of dollars in potential losses, let alone the healthcare services organisations. Comprehensive Health Services and Cytometry Specialists, Inc. d/b/a CSI Laboratories reported 351,602 individual’s records impacted due to business email security [8].

3.3.8. Phishing and Email Account Compromise:

9 healthcare services organisations namely Montrose Regional Health, The Puerto Rican Organization to Motivate, Enlighten, and Serve Addicts, Inc., EPIC Pharmacy Network, Inc., Ultimate Care, Inc.

Kaiser Foundation Health Plan of Washington, Central Florida Inpatient Medicine, WellDyneRx, LLC, Healthback Holdings, LLC, and The Bronx Accountable Healthcare Network, reported phishing and email account compromise that breached 54,000 and 298,428 individual’s records respectively [8].

3.3.9. Misdirected Email:

CareOregon Advantage reported 10,467 individual’s records as compromised due to misdirected emails. This cybersecurity challenge is often faced by healthcare organisations due to incorrectly configured HER systems [8].

3.3.10. Physical Theft of Documents, Computers and Unencrypted Hard Drive

5 healthcare services organisations namely South City Hospital, Georgia Pines CSB, Onehome Health Solutions, SAC Health System, and Kaiser Foundation Health Plan, Inc. (Southern California), reported physical theft of documents, computers and unencrypted hard drive that breached 285,952 individual’s records respectively [8].

3.4 Healthcare Cybersecurity Approaches

Healthcare services organisations facing the cybersecurity challenged explained in previous section must adapt a proactive, preventative approach to cybersecurity that includes technological, administrative, and physical security controls to monitor and manage the cyber risks and keep it to an acceptable level. The list of approach to address the cybersecurity challenges shown below has been prepared based on the reference papers and years of work experience of authors in cybersecurity domain.

3.4.1. Executive Leadership and Strategic Cybersecurity Plan:

Healthcare services organisation must have Cybersecurity Executive Committee with board members playing active role and overseeing the management of information security and privacy risk treatment strategies. The committee must appoint a cybersecurity leader and undertakes risk-based decisions to manage the information risks via our strategic information security and privacy roadmap aligned with business priorities and feedback from customers, auditors, partners, and security operations centre.

3.4.2. Cybersecurity Policy, Organisaiton, and Teams:

Healthcare services organisations leadership must formulate an Information Security Policy with an objective to maintain a secure information-processing environment and to protect information assets and data. The policy must be approved by the Cybersecurity Executive Committee and communicated to customers, suppliers, and employees. Healthcare services organisations must hire the key dedicated roles namely Chief Information Security Officer (CISO) and build 5 key cybersecurity Centre of Excellence (CoE) namely 1) Information Risk Management Team, 2) Cybersecurity Audit and Certification Team, 3) Cybersecurity Technology and Operations Team 4) Application Security and Penetration Testing Team 5) Supplier Risk Management Team. All team members in these CoEs need not to be necessarily permanent employees, however CISO and Cybersecurity Executive Committee must ensure the presence of these core capabilities.

3.4.3. 24x7 Cybersecurity Operations Centre:

Healthcare services organisations must operate a 24x7x365 cybersecurity operations centre. This could be a fully managed, fully internal or a hybrid security operations centre. However, it must have dedicated Cybersecurity Operations Manager, Cybersecurity Operations Supervisor, Architect, Engineer, and cybersecurity analysts. These team members should be assigned to monitors, assesses, and prevents cyber threats against organisaiton systems, products, and services. Apart this, the security operations centre must have Security Information and Event Management (SIEM), Security orchestration, automation, and response (SOAR), User and Entity Behaviour Analytics (UEBA) and Extended Detection and Response (XDR) functionalities.

3.4.4. Penetration Testing and Bug Bounty Program:

Healthcare services organisations must ensure that their internal and external applications, systems and technology infrastructure components are systematically tested via vulnerability assessment and penetration testing experts from a reputed organisaiton. Healthcare services organisations should also register their internet facing applications on a well reputed bug bounty program as this is a minimum operational requirement to identify evolving vulnerabilities. It allows the healthcare organisation to remediate the vulneraries often prior these are detected and exploited by threat actors.

3.4.5. Minimum Certifications and Attestations:

Healthcare services organisations can benefit from several independent certifications. Based on industry experience of author, the following are must to have as minimum standard to run internal and external certification audits smoothly. These are:

1) ISO/IEC 27001 Certification
2) ISO/IEC 27701 Certification
3) Cyber Essentials Certification
4) PCI DSS Attestation of Compliance
5) SOC 2 Type II Attestation

3.4.6. Cybersecurity Controls:

Healthcare services organisations should implement administrative, technical, and physical security controls that are identified via the information risk management. The following list has been carefully prepared and includes necessary security cybersecurity controls that an organisaiton should implement:

Abbildung in dieser Leseprobe nicht enthalten

4. DISCUSSION

4.1 Summary of Evidence

The review of research papers coupled with IBM’s 2022 Cost of a Data Breach Report and Verizon Data Breach Investigation Report 2022 [6] and systematic study of attacks on healthcare services business reported to US Department of Health and Human Services reported from Jan 2022 till November 2022 confirms that healthcare services organisations continually face cybersecurity challenges. We identified 10 main challenges in cybersecurity and provided 6 approaches to address these cybersecurity challenges faced by healthcare services organisations.

4.2 Implications for Future Research

The healthcare services businesses apply any administrative, technical and physical security controls to address the cybersecurity challenges. Various controls that are matured from a practical implementation perspective have been documented in this research paper. However, the future research should explore the innovative solutions such as blockchain, quantum encryption, use of artificial intelligence and machine learning to provide secure digital environment for patients, clinics, partners, employees, and doctors to offer digitally secure healthcare services and protect patient data from cybercriminals.

4.3 Limitations

The research was performed to identify the cybersecurity challenges and provide approaches to address the same based on the available literature and some evidence of cybersecurity attacks. However, the reviews usually provide descriptive information that was partly based on literature and partly based on authors industry experience.

4.4 Conclusion

This research was motivated by the need of healthcare service organisations and mainly identified due to feedback provided by research co-scholars and colleagues in author’s organisaiton.

The research organisaiton approach and specific administrative, technological, physical security controls to manage the cybersecurity risks. Finally, this research intended to create a comprehensive catalogue of cybercrime and prevention techniques for digital healthcare services and use this study to build a consulting business in cybersecurity focussed on healthcare industry

This research includes the real-life cybercrime incidents and review the details of how cyber threats exploit vulnerabilities in human, technological systems, or procedural methods including but not limited to:

1. In-depth review of cybercrime in healthcare service organisations, and
2. Approach to address the cybersecurity challenges faced by in healthcare service organisations.

5. ACKNOWLEDGMENTS

This work was supported by author’s employer organisation International SOS and University of East London, United Kingdom.

REFERENCES

[1] Kabir UY, Ezekekwu E, Bhuyan SS, Mahmood A, Dobalian A. Trends and best practices in health care cybersecurity insurance policy. J Healthc Risk Manag. 2020 Oct;40(2):10-14. doi: 10.1002/jhrm.21414. Epub 2020 May 22. PMID: 32441812.

[2] Bhuyan SS, Kabir UY, Escareno JM, Ector K, Palakodeti S, Wyant D, Kumar S, Levy M, Kedia S, Dasgupta D, Dobalian A. Transforming Healthcare Cybersecurity from Reactive to Proactive: Current Status and Future Recommendations. J Med Syst. 2020 Apr 2;44(5):98. doi: 10.1007/s10916-019-1507-y. PMID: 32239357.

[3] Wasserman L, Wasserman Y. Hospital cybersecurity risks and gaps: Review (for the non-cyber professional). Front Digit Health. 2022 Aug 11;4:862221. doi: 10.3389/fdgth.2022.862221. PMID: 36033634; PMCID: PMC9403058. Conference Name:ACM Woodstock conference

[4] Fleury B, Loudenot P, Suszko M, Fourel S, Kapola X, Langrand-Escure J, Guy JB. Sécurisation du système d’information des structures médicales [Securing the information system of health care organisations]. Cancer Radiother. 2022 Oct;26(6-7):941-946. French. doi: 10.1016/j.canrad.2022.06.032. Epub 2022 Aug 31. PMID: 36057518.

[5] Cost of a Data Breach Report 2022; https://www.ibm.com/downloads/cas/3R8N1DZJ

[6] Data Breach Investigation Report 2022; https://www.verizon.com/business/resources/Ta92/reports/dbir/2022-dbir-data-breach-investigations-report.pdf

[7] Check Point 2022 Cyber Security Report, https://pages.checkpoint.com/cyber-security-report-2022.html?utm_term=cyber-hub

[8] HIPAA Journal - Healthcare Data Breach Report

January 2022 Healthcare Data Breach Report; https://www.hipaajournal.com/january-2022-healthcare-data-breach-report/

February 2022 Healthcare Data Breach Report; https://www.hipaajournal.com/february-2022-healthcare-data-breach-report/

March 2022 Healthcare Data Breach Report; https://www.hipaajournal.com/march-2022-healthcare-data-breach-report/

April 2022 Healthcare Data Breach Report; https://www.hipaajournal.com/april-2022-healthcare-data-breach-report/

May 2022 Healthcare Data Breach Report; https://www.hipaajournal.com/may-2022-healthcare-data-breach-report/

June 2022 Healthcare Data Breach Report; https://www.hipaajournal.com/june-2022-healthcare-data-breach-report/

July 2022 Healthcare Data Breach Report; https://www.hipaajournal.com/july-2022-healthcare-data-breach-report/

August 2022 Healthcare Data Breach Report; https://www.hipaajournal.com/august-2022-healthcare-data-breach-report/

September 2022 Healthcare Data Breach Report; https://www.hipaajournal.com/september-2022-healthcare-data-breach-report/

October 2022 Healthcare Data Breach Report; https://www.hipaajournal.com/october-2022-healthcare-data-breach-report/

November 2022 Healthcare Data Breach Report; https://www.hipaajournal.com/november-2022-healthcare-data-breach-report/

December 2022 Healthcare Data Breach Report; https://www.hipaajournal.com/december-2022-healthcare-data-breach-report/

[9] Young, A.; M. Yung (1996). Cryptovirology: extortion-based security threats and countermeasures. IEEE Symposium on Security and Privacy. pp. 129–140. doi:10.1109/SECPRI.1996.502676. ISBN 0-8186-7417-2.

[10] Business Email Compromise (BEC); https://www.proofpoint.com/uk/threat-reference/business-email-compromise

[11] Coventry L, Branley D. Cybersecurity in healthcare: A narrative review of trends, threats and ways forward. Maturitas. 2018 Jul;113:48-52. doi: 10.1016/j.maturitas.2018.04.008. Epub 2018 Apr 22. PMID: 29903648.

[12] Kruse CS, Frederick B, Jacobson T, Monticone DK. Cybersecurity in healthcare: A systematic review of modern threats and trends. Technol Health Care. 2017;25(1):1-10. doi: 10.3233/THC-161263. PMID: 27689562.

[13] Kruse CS, Frederick B, Jacobson T, Monticone DK. Cybersecurity in healthcare: A systematic review of modern threats and trends. Technol Health Care. 2017;25(1):1-10. doi: 10.3233/THC-161263. PMID: 27689562.

[14] Jalali MS, Razak S, Gordon W, Perakslis E, Madnick S. Health Care and Cybersecurity: Bibliometric Analysis of the Literature. J Med Internet Res. 2019 Feb 15;21(2):e12644. doi: 10.2196/12644. PMID: 30767908; PMCID: PMC6396074.

Conference Short Name:WOODSTOCK’18

Conference Location:El Paso, Texas USA

ISBN:978-1-4503-0000-0/18/06

Year:2018

Date:June

Copyright Year:2018

Copyright Statement:rightsretained

DOI:10.1145/1234567890

RRH: F. Surname et al.

Price:$15.00

Appendix 1

Abbildung in dieser Leseprobe nicht enthalten

Appendix 2

Abbildung in dieser Leseprobe nicht enthalten

Frequently Asked Questions

What is the main focus of the research paper?

The research paper aims to identify cybersecurity challenges in healthcare organizations that have digitally transformed or are undergoing digital transformation. It also provides a practical approach to address these challenges.

What methods were used in the research?

The research employed a scoping review by searching scientific publications in PubMed using the search formula "(Cybersecurity AND Healthcare)". Additional reports, articles, and technology industry papers were also included. Only articles published in English within the last 5 years (2019-2023) were considered.

What are the key findings of the research?

The research identified 10 key cybersecurity challenges faced by healthcare businesses, 6 key cybersecurity approaches that healthcare organizations can adopt, and 5 key areas that require further strengthening. It also identifies commonly used cyberattack methods based on the Verizon Data Breach Investigation Report.

What are some of the key cybersecurity challenges identified?

Key challenges include ransomware attacks, malware infections, unauthorized access to Electronic Health Record (EHR) systems, vulnerable web services and database compromise, vulnerable cloud portals and Microsoft 365 environments, PHI theft by former employees, business email compromise, phishing and email account compromise, misdirected email, and physical theft of documents, computers, and unencrypted hard drives.

What cybersecurity approaches are suggested for healthcare organizations?

Suggested approaches include establishing executive leadership and a strategic cybersecurity plan, implementing a cybersecurity policy, organization, and teams, operating a 24x7 cybersecurity operations center, conducting penetration testing and bug bounty programs, obtaining minimum certifications and attestations, and implementing comprehensive administrative, technical, and physical security controls.

What is the significance of digital transformation in the context of healthcare cybersecurity?

Digital transformation expands the attack surface, involves patients, clinics, partners, and consulting physicians beyond the traditional network perimeter. This necessitates new cybersecurity measures as traditional methods become insufficient.

What is the cost of a healthcare data breach, according to the research?

The average cost of a healthcare breach in the United States has increased by 41% to $10.1 million, as reported by IBM’s 2022 Cost of a Data Breach Report.

What types of threat actors are most commonly involved in healthcare data breaches?

According to the Verizon Data Breach Investigation Report 2022, 61% of threat actors were external, while 39% were internal in all data breaches.

Where can I find further details about the specific cyberattacks that led to data breaches in healthcare?

The research references reports to the US Department of Health and Human Services, specifically mentioning reports published by HIPAA Journal on a monthly basis in 2022, which detail specific cyberattacks reported throughout the year.

What is the impact of ransomware attacks on healthcare organizations?

Ransomware alone breached 12,055,215 individual's records across 58 healthcare service organizations, making it a top cybersecurity risk in healthcare.

Why are healthcare organizations considered attractive targets for cybercriminals?

Healthcare organizations are seen as attractive targets due to a wider unprotected attack surface, the presence of high-value personal health information, and immature cyber defenses.

What areas are identified for further research in healthcare cybersecurity?

Further research should explore innovative solutions such as blockchain, quantum encryption, and the use of artificial intelligence and machine learning to provide a secure digital environment for healthcare services.