International Journal of Progressive Sciences and Technologies

The new rise in network safety breaks in medical care organizations has put patients' security at a higher risk of being uncovered. In spite of this danger and the extra danger posed by such incidents to patients' safety, as well as functional and monetary dangers to medical care organizations, few studies have deliberately analysed the cyber security risks in medical care. To establish a strong starting point for medical services organizations and policymakers in better comprehension the intricacy of the issue of cyber security, this study investigates the significant sort of cyber security risks for health care organizations and makes sense of the roles of the four keys (cyber attackers, cyber defenders, developers, and end users) in cyber security. Finally, the paper studies a group of recommendations for the policymakers and health care organizations to reinforce cybersecurity in their organizations.

References

- Rajkomar, Alvin, et al. "Scalable and accurate deep learning with electronic health records." NPJ digital medicine 1.1 (2018): 1-10. ‏

- Bhuyan, Soumitra Sudip, et al. "Transforming healthcare cybersecurity from reactive to proactive: current status and future recommendations." Journal of medical systems 44.5 (2020): 1-9. ‏

- Karasz, Hilary N., Amy Eiden, and Sharon Bogan. "Text messaging to communicate with public health audiences: how the HIPAA Security Rule affects practice." American journal of public health 103.4 (2013): 617-622. ‏

- Uma, M., and Ganapathi Padmavathi. "A Survey on Various Cyber Attacks and their Classification." Int. J. Netw. Secur. 15.5 (2013): 390-396. ‏

- Filkins, Barbara. "Health care cyber threat report: Widespread compromises detected, compliance nightmare on horizon." SANS Institute 42 (2014). ‏

- Berger, D. W. "Breach Report 2015: Protected health information (PHI). Red spin." (2016). ‏

- McCue, Andy. "Beware the insider security threat." CIO Jury (2008). ‏

- Perakslis, Eric D., and Martin Stanley. "A cybersecurity primer for translational research." Science translational medicine 8.322 (2016): 322ps2-322ps2. ‏

- Akpan, Nsikan. "Has health care hacking become an epidemic." PBS News hour (2016). ‏

- Smith, McKay, and Garrett Mulrain. "Equi-failure: The national security implications of the equifax hack and a critical proposal for reform." J. Nat'l Sec. L. & Pol'y 9 (2017): 549. ‏Jalali, Mohammad S., et al. "Health care and cybersecurity: bibliometric analysis of the literature." Journal of medical Internet research 21.2 (2019): e12644. ‏

- Jouini, Mouna, Latifa Ben Arfa Rabai, and Anis Ben Aissa. "Classification of security threats in information systems." Procedia Computer Science 32 (2014): 489-496. ‏

- Arora, Arushi, Summit Kumar Yadav, and Kavita Sharma. "Denial-of-service (dos) attack and botnet: Network analysis, research tactics, and mitigation." Research Anthology on Combating Denial-of-Service Attacks. IGI Global, 2021. 49-73. ‏

- Nigrin, Daniel J. "When ‘Hacktivists' Target Your Hospital." New England journal of medicine 371.5 (2014): 393-395. ‏

- Song, Chengyu, et al. "Enforcing Kernel Security Invariants with Data Flow Integrity." NDSS. 2016.‏

- Piscitelli, Ann-Marie. Overcoming Learning Anxiety in Workplace Learning: A Study of Best Practices and Training Accommodations that Improve Workplace Learning. Diss. University of Arkansas, 2021. ‏

- Xiao, Liang, et al. "IoT security techniques based on machine learning: How do IoT devices use AI to enhance security?" IEEE Signal Processing Magazine 35.5 (2018): 41-49. ‏

- Cain, Chris. "Analysing Man-in-the-Browser (MITB) attacks." dated Dec (2014). ‏

- Langer, Steve G. "Cyber-security issues in healthcare information technology." Journal of digital imaging 30.1 (2017): 117-125. ‏

- Merello, Marcelo, and Kailash Bhatia. "From the Reflex Hammer to Molecular Biology: Do Clinical Descriptions Still Play a Role in Our Neurological Decision Making? Jorge Luis Borges and the Analytic Language of Wilkins." Movement Disorders Clinical Practice 1.1 (2014): 1. ‏

- Cho, Adrian. "Quantum spy games." (2014): 482-483. ‏

- Williams, Patricia AH, and Andrew J. Woodward. "Cybersecurity vulnerabilities in medical devices: a complex environment and multifaceted problem." Medical Devices (Auckland, NZ) 8 (2015): 305. ‏

- Blowers, Misty, et al. "The future internet of things and security of its control systems." arXiv preprint arXiv:1610.01953 (2016). ‏King, Christopher, Jonathan Chu, and Andrew Mellinger. Emerging technology domains risk survey. CARNEGIE-MELLON UNIV PITTSBURGH PA PITTSBURGH United States, 2015. ‏

- Federal Trade Commission. "Consumer Information; Malware." (2015). ‏

- Kraken, Johanna. "Analysis of malware-the Morris Worm." (2019). ‏

- Virus. (n.d.). In Merriam-Webster’s dictionary.

- Terry, Nicolas P. "Appification, AI, and healthcare's new iron triangle." J. Health Care L. & Pol'y 20 (2017): 117. ‏

- Sainju, Arpan Man, and Travis Atkison. "An experimental analysis of Windows log events triggered by malware." Proceedings of the Southeast Conference. 2017.‏

- Kandasamy, Kamalanathan, et al. "Digital Healthcare-Cyberattacks in Asian Organizations: An Analysis of Vulnerabilities, Risks, NIST Perspectives, and Recommendations." IEEE Access 10 (2022): 12345-12364. ‏Spyware. (n.d.). In Merriam-Webster’s dictionary.

- OPERATIONS, US-CERT. "UNITED STATES COMPUTER EMERGENCY READINESS TEAM (US-CERT)."‏

- Lennon, Elizabeth. ITL Updated Glossary of Key Information Security Terms. No. ITL Bulletin June 2013 (Withdrawn). National Institute of Standards and Technology, 2013. ‏

- Sharma, Rohit, and Mona Purohit. "Emerging Cyber Threats and the Challenges Associated with them." International Research Journal of Engineering and Technology (IRJET) 5.02 (2018). ‏

- Ehrenfeld, Jesse M. "Wannacry, cybersecurity and health information technology: A time to act." Journal of medical systems 41.7 (2017): 1-1. ‏

- Baker, Yolanda S., Rajeev Agrawal, and Sambit Bhattacharya. "Analyzing security threats as reported by the united states computer emergency readiness team (US-CERT)." 2013 IEEE International Conference on Intelligence and Security Informatics. IEEE, 2013. ‏

- Hummel, Richard. "Securing against the most common vectors of cyber-attacks." SANS Institute (2017): 1-31. ‏

- Burns, A. J., M. Eric Johnson, and Deanna D. Caputo. "Spear phishing in a barrel: Insights from a targeted phishing campaign." Journal of Organizational Computing and Electronic Commerce 29.1 (2019): 24-39. ‏

- Davis, J. "Hackers breach New York’s largest provider with phishing attacks." (2017). ‏

- Vogel, Sara, et al. "Languages, literacies and literate programming: can we use the latest theories on how bilingual people learn to help us teach computational literacies?" Computer Science Education 30.4 (2020): 420-443. ‏

- Sunyaev, Ali. "Emerging technologies." Internet Computing. Springer, Cham, 2020. 373-406. ‏

- Fischer, Eric A. The Help America Vote Act and Election Administration: Overview and Selected Issues for the 2016 Election. Congressional Research Service, 2016. ‏

- Goderdzishvili, N. "Legal Assessment of Cyber Attacks on Georgia." Data Exchange Agency Ministry of Justice of Georgia (2010). ‏

- Rhee, Hyeun-Suk, Cheongtag Kim, and Young U. Ryu. "Self-efficacy in information security: Its influence on end users' information security practice behavior." Computers & security 28.8 (2009): 816-826. ‏

- Baker, Wade, et al. Data Breach: Investigations Report, a study conducted by the Verizon RISK Team with co-operation from the US Secret Service and the Dutch High-Tech Crime Unit. Technical report, Verizon, New Jersey, 2010. ‏

- Wirth, Axel. "The economics of cybersecurity." Biomedical instrumentation & technology 51. s6 (2017): 52-59. ‏

- Camp, L. Jean. "Reconceptualising the role of security user." Daedalus 140.4 (2011): 93-107. ‏

- Filkins, Barbara. "New Threats Drive Improved Practices: State of Cybersecurity in Health Care Organizations." SANS Institute (2014). ‏

- Cadwell, Zoe. "Pointing the Finger: Applying Extreme Environment Finger-mark Development to Forensic Archaeology." (2020). ‏

- Evans, Mark, et al. "Human behaviour as an aspect of cybersecurity assurance." Security and Communication Networks 9.17 (2016): 4667-4679. ‏

- Pescatore, John, and Gal Shpantzer. "Securing the internet of things survey." SANS Institute (2014): 1-22. ‏

- Jarocki, Samuel, and Houssain Kettani. "Examining the efficacy of commercial cyber security certifications for information security analysts." 2019 4th International Conference on Information Systems Engineering (ICISE). IEEE, 2019. ‏

- Conn, Joseph. "Low pay hinders healthcare's hunt for cyber cops." Modern healthcare 47.4 (2017): 23. ‏

- Cybersecurity, Critical Infrastructure. "Framework for improving critical infrastructure cybersecurity." URL: https://nvlpubs. nist. gov/nistpubs/CSWP/NIST. CSWP 4162018 (2018). ‏

- Zorabedian, J. "How malware works: Anatomy of drive-by download web attack." (2014). ‏

- Rowe, Dale C., Barry M. Lunt, and Joseph J. Ekstrom. "The role of cyber-security in information technology education." Proceedings of the 2011 conference on Information technology education. 2011.‏

- Moteff, John, and Paul Parfomak. "Critical infrastructure and key assets: definition and identification." Library of Congress Washington DC Congressional Research Service, 2004. ‏

- Bhuyan, Soumitra Sudip, et al. "Transforming healthcare cybersecurity from reactive to proactive: current status and future recommendations." Journal of medical systems 44.5 (2020): 1-9.‏

- DiPatrizio, Nicholas V., et al. "Endocannabinoid signal in the gut controls dietary fat intake." Proceedings of the National Academy of Sciences 108.31 (2011): 12904-12908. ‏

- Morgan, Steve. "Is poor software development the biggest cyber threat." htt ps://www. csoonline. com/article/297885 8 (2015). ‏

- Bird, Jim, Eric Johnson, and Frank Kim. "State of Application Security: Closing the Gap." SANS survey, SANS Institute Reading Room (2015). ‏

- Teto, Joel Kamdem, Ruth Bearden, and Dan Chia-Tien Lo. "The impact of defensive programming on i/o cybersecurity attacks." Proceedings of the Southeast Conference. 2017.‏

- Fenton, Susan H., and Sue Biedermann. Introduction to healthcare informatics. AHiMA, American Health Information Management Association, 2014. ‏

- Miliard, Mike. "How does blockchain actually work for healthcare." Healthcare IT News April 13 (2018): 2017. ‏

- Miliard, Mike. "Block chain faces tough roadblocks in healthcare." Healthcare IT News April 13 (2018): 2017. ‏

- Bhuyan, Soumitra Sudip, et al. "Too Much or Too Little? How Much Control Should Patients Have Over EHR Data?" Journal of medical systems 40.7 (2016): 1-4. ‏

- Schwalbe, Kathy, and Dan Furlong. Healthcare project management. Minneapolis: Schwalbe Publishing, 2013. ‏

- Bhuyan, Soumitra Sudip, et al. "Transforming healthcare cybersecurity from reactive to proactive: current status and future recommendations." Journal of medical systems 44.5 (2020): 1-9. ‏

- Schneier, Bruce. Click here to kill everybody: Security and survival in a hyper-connected world. WW Norton & Company, 2018. ‏

- Caralli, Richard A., Julia H. Allen, and David W. White. CERT resilience management model: A maturity model for managing operational resilience. Addison-Wesley Professional, 2010. ‏

- Bhuyan, Soumitra Sudip, et al. "Too Much or Too Little? How Much Control Should Patients Have Over EHR Data?" Journal of medical systems 40.7 (2016): 1-4. ‏

- Egenhoefer, Rachel Beth, ed. Routledge Handbook of Sustainable Design. London: Routledge, 2017. ‏

- Carroll, R., and G. Norris. "Chapter 1 enterprise risk management in healthcare-the basics in Roberta Carroll (Editor) risk management handbook for health care organizations." (2011). ‏

- Kim, Chang Yeon, and Kyungho Lee. "Risk management to cryptocurrency exchange and investors guidelines to prevent potential threats." 2018 international conference on platform technology and service (PlatCon). IEEE, 2018. ‏

- Vaughan, Emmett J., and Therese M. Vaughan. Essentials of insurance: A risk management perspective. Wiley, 1995. ‏

- Bensaou, M., and Michael Earl. "The right mind-set for managing information technology." Harvard Business Review 76.5 (1998): 119-130. ‏

- Baker, Dixie B. "Trustworthy systems for safe and private healthcare." in Essentials of nursing informatics (2015). ‏

- Middleton, Alyssa Ashlyn. "Pediatric oncology social work job analysis." (2022). ‏

- ALDhanhani, Mohamed Jumah. "Review of Cyber Security on Oil and Gas Industry in United Arab Emirates: Analysis on the Effectiveness of the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework." Turkish Journal of Computer and Mathematics Education (TURCOMAT) 12.11 (2021): 714-720. ‏

- Raghavan, Aarthi, Mehmet Akif Demircioglu, and Araz Taeihagh. "Public health innovation through cloud adoption: a comparative analysis of drivers and barriers in Japan, South Korea, and Singapore." International Journal of Environmental Research and Public Health 18.1 (2021): 334. ‏

- Kabir, Umar Yusuf, et al. "Trends and best practices in health care cybersecurity insurance policy." Journal of healthcare risk management 40.2 (2020): 10-14. ‏

- DAVIS, JOHNNIE R. Healthcare Entities and Data Breach Threat Indicators and Deterrence: A Quantitative Study. Diss. Northcentral University, 2022. ‏

- Kim, Lee. "Cybersecurity: Ensuring Confidentiality, Integrity, and Availability of Information." Nursing Informatics. Springer, Cham, 2022. ‏

‏

- Carter, Barry E., Allen S. Weiner, and Duncan B. Hollis. International Law: [Connected eBook with Study Center]. Aspen Publishing, 2018. Tschider, Charlotte A. "Enhancing cybersecurity for the digital health marketplace." Annals Health L. 26 (2017): 1. ‏

- Carter, Barry E., Allen S. Weiner, and Duncan B. Hollis. International Law: [Connected eBook with Study Center]. Aspen Publishing, 2018. ‏

- Mkanta, William N., et al. "A 3-State Analysis of Black–White Disparities in Diabetes Hospitalizations Among Medicaid Beneficiaries." Health Services Research and Managerial Epidemiology 5 (2018): 2333392818783513

- Coventry, Lynne, and Dawn Branley. "Cybersecurity in healthcare: A narrative review of trends, threats and ways forward." Maturitas 113 (2018): 48-52. ‏

- Martin, Guy, et al. "Cybersecurity and healthcare: how safe are we?" Bmj 358 (2017). ‏

- Biener, Christian, Martin Eling, and Jan Hendrik Wirfs. "Insurability of cyber risk: An empirical analysis." The Geneva Papers on Risk and Insurance-Issues and Practice 40.1 (2015): 131-158. Perakslis, Eric D., and Martin Stanley. "A cybersecurity primer for translational research." Science translational medicine 8.322 (2016): 322ps2-322ps2. ‏

- Gatzlaff, Kevin M., and Kathleen A. McCullough. "Implications of privacy breaches for insurers." Journal of Insurance Regulation 31 (2012). ‏‏

- Shackelford, Scott J. "Should your firm invest in cyber risk insurance?" Business Horizons 55.4 (2012): 349-356. ‏‏

- Coventry, Lynne, and Dawn Branley. "Cybersecurity in healthcare: A narrative review of trends, threats and ways forward." Maturitas 113 (2018): 48-52. ‏

- Friedman, Sam, and Adam Thomas. "Demystifying cyber insurance coverage: Clearing obstacles in a problematic but promising growth market." A report by the Deloitte Center for Financial Services (2017). ‏

- Astani, Marzie, and Kathryn J. Ready. "Trends and preventive strategies for mitigating cybersecurity breaches in organizations." Issues in Information Systems 17.2 (2016).

- Bordoff, Samantha, Quan Chen, and Zheng Yan. "Cyber-attacks, contributing factors, and tackling strategies: the current status of the science of cybersecurity." International Journal of Cyber Behaviour, Psychology and Learning (IJCBPL) 7.4 (2017): 68-82.

- Ivan, Drew. "Moving toward a block chain-based method for the secure storage of patient records." ONC/NIST Use of Block chain for Healthcare and Research Workshop. Gaithersburg, Maryland, United States: ONC/NIST. sn, 2016.

- Krisby, Ryan M. "Health care held ransom: Modifications to data breach security & the future of health care privacy protection." Health Matrix 28 (2018): 365.