Risk Assessment and Mitigation Strategies in Medical Informatics for Cybersecurity and Patient Data Protection

Swarna Swetha  Kolaventi; Duryodhan  Jena; Kothakonda  Sairam; Hitesh  Kalra; Mridula  Gupta; Sumol  Ratna; Pooja  Varma

doi:10.56294/mw2024504

Authors

Swarna Swetha Kolaventi Department of uGDX, ATLAS SkillTech University, Mumbai, Maharashtra, India Author https://orcid.org/0000-0001-9892-847X
Duryodhan Jena Department of Management, Siksha 'O' Anusandhan (Deemed to be University), Bhubaneswar, Odisha, India Author https://orcid.org/0000-0002-9025-0905
Kothakonda Sairam Centre for Multidisciplinary Research, Anurag University, Hyderabad, Telangana, India Author https://orcid.org/0009-0007-0074-4172
Hitesh Kalra Chitkara Centre for Research and Development, Chitkara University, Himachal Pradesh, India Author https://orcid.org/0009-0000-5064-2165
Mridula Gupta Centre of Research Impact and Outcome, Chitkara University, Rajpura, Punjab, India Author https://orcid.org/0009-0002-8961-3059
Sumol Ratna Department of General Medicine, Noida International University, Greater Noida, Uttar Pradesh, India Author https://orcid.org/0009-0002-9790-2360
Pooja Varma Psychology , JAIN (Deemed-to-be University), Bangalore, Karnataka, India Author https://orcid.org/0000-0002-4866-0177

DOI:

https://doi.org/10.56294/mw2024504

Keywords:

Medical Informatics, Cybersecurity, Patient Data Protection, Risk Mitigation Strategies, Healthcare System Security

Abstract

While combining modern technology with medical analytics has greatly improved healthcare services, it has also generated several questions over hacking and patient data protection. The risks healthcare companies confront becoming more complex as more of them use telemedicine, electronic health records (EHRs), and other digital technologies. Cyberattacks on private patient data and healthcare systems may have disastrous effects including data breaches, lost vital services, and individuals entering medical records without authorisation. Regarding hacking, this paper examines the hazards associated with medical computers with an eye on the weaknesses in the present healthcare system. It identifies the primary hazards to data integrity and patient risk including ransomware, hacking, and insider threats. Furthermore discussed in the paper are some approaches to enhance medical computer safety. Among these strategies are strong encryption, secure login systems, and continuous monitoring tools capable of locating and reacting to security concerns in real time. The article also discusses the need of strong legal frameworks requiring best practices for data security and the need of healthcare professionals learning about hacking. Furthermore underlined is the need of developing a security attitude within healthcare institutions in order to resist fresh internet risks. Finally, the study advises greater research and development to ensure patient data is safer and offers instances of improved approaches to manage risks in healthcare systems. Maintaining confidence, adhering to regulations, and the overall performance of healthcare delivery systems as healthcare providers become digital depend critically on patient data being secure and private.

References

Al-Araji, Z.J.; Ahmad, S.S.S.; Abdullah, R. Attack Prediction to Enhance Attack Path Discovery Using Improved Attack Graph. Karbala Int. J. Mod. Sci. 2022, 8, 313–329. DOI: https://doi.org/10.33640/2405-609X.3235

Kanakogi, K.; Washizaki, H.; Fukazawa, Y.; Ogata, S.; Okubo, T.; Kato, T.; Kanuka, H.; Hazeyama, A.; Yoshioka, N. Tracing cve vulnerability information to capec attack patterns using natural language processing techniques. Information 2021, 12, 298. DOI: https://doi.org/10.3390/info12080298

Snmez, F.Z.; Hankin, C.; Malacaria, P. Attack dynamics: An automatic attack graph generation framework based on system topology, CAPEC, CWE, and CVE databases. Comput. Secur. 2022, 123, 102938. DOI: https://doi.org/10.1016/j.cose.2022.102938

Kure, H.; Islam, S.; Ghazanfar, M.; Raza, A.; Pasha, M. Asset criticality and risk prediction for an effective cybersecurity risk management of cyber-physical system. Neural Comput. Appl. 2021, 34, 493–514. DOI: https://doi.org/10.1007/s00521-021-06400-0

Melaku, H.M. Context-Based and Adaptive Cybersecurity Risk Management Framework. Risks 2023, 11, 101. DOI: https://doi.org/10.3390/risks11060101

Zeng, Z.; Yang, Z.; Huang, D.; Chung, C.-J. LICALITY—Likelihood and Criticality: Vulnerability Risk Prioritization Through Logical Reasoning and Deep Learning. IEEE Trans. Netw. Serv. Manag. 2022, 19, 1746–1760. DOI: https://doi.org/10.1109/TNSM.2021.3133811

Kanakogi, K.; Washizaki, H.; Fukazawa, Y.; Ogata, S.; Okubo, T.; Kato, T.; Kanuka, H.; Hazeyama, A.; Yoshioka, N. Comparative Evaluation of NLP-Based Approaches for Linking CAPEC Attack Patterns from CVE Vulnerability Information. Appl. Sci. 2022, 12, 3400. DOI: https://doi.org/10.3390/app12073400

Mizrak, F. Integrating Cybersecurity Risk Management into Strategic Management: A Comprehensive Literature Review. Res. J. Bus. Manag. 2023, 10, 98–108. DOI: https://doi.org/10.17261/Pressacademia.2023.1807

Kotsias, J.; Ahmad, A.; Scheepers, R. Adopting and integrating cyber-threat intelligence in a commercial organisation. Eur. J. Inf. Syst. 2023, 32, 35–51. DOI: https://doi.org/10.1080/0960085X.2022.2088414

Ferreira, D.J.; Mateus-Coelho, N.; Mamede, H.S. Methodology for Predictive Cyber Security Risk Assessment (PCSRA). Procedia Comput. Sci. 2023, 219, 1555–1563. DOI: https://doi.org/10.1016/j.procs.2023.01.447

Cheimonidis, P.; Rantos, K. Dynamic Risk Assessment in Cybersecurity: A Systematic Literature Review. Future Internet 2023, 15, 324. DOI: https://doi.org/10.3390/fi15100324

Tanmaya Kumar Swain. (2015). Research & Development : Higher Education in India. International Journal on Research and Development - A Management Review, 4(2), 53 - 58.

El Amin, H.; Oueidat, L.; Chamoun, M.; Samhat, A.E.; Feghali, A. Blockchain-based multi-organizational cyber risk management framework for collaborative environments. Int. J. Inf. Secur. 2023, 23, 1231–1249. DOI: https://doi.org/10.1007/s10207-023-00788-7

Djenna, A.; Harous, S.; Saidouni, D.E. Internet of Things Meet Internet of Threats: New Concern Cyber Security Issues of Critical Cyber Infrastructure. Appl. Sci. 2021, 11, 4580. DOI: https://doi.org/10.3390/app11104580

Echeverría, A.; Cevallos, C.; Ortiz-Garces, I.; Andrade, R.O. Cybersecurity Model Based on Hardening for Secure Internet of Things Implementation. Appl. Sci. 2021, 11, 3260. DOI: https://doi.org/10.3390/app11073260

Almomani, O.; Almaiah, M.A.; Alsaaidah, A.; Smadi, S.; Mohammad, A.H.; Althunibat, A. Machine learning classifiers for network intrusion detection system: Comparative study. In Proceedings of the 2021 International Conference on Information Technology (ICIT), Amman, Jordan, 14–15 July 2021; pp. 440–445. DOI: https://doi.org/10.1109/ICIT52682.2021.9491770

Lin, Z.; Lin, M.; Champagne, B.; Zhu, W.-P.; Al-Dhahir, N. Secrecy-Energy Efficient Hybrid Beamforming for Satellite-Terrestrial Integrated Networks. IEEE Trans. Commun. 2021, 69, 6345–6360. DOI: https://doi.org/10.1109/TCOMM.2021.3088898

Lin, Z.; An, K.; Niu, H.; Hu, Y.; Chatzinotas, S.; Zheng, G.; Wang, J. SLNR-based Secure Energy Efficient Beamforming in Multibeam Satellite Systems. IEEE Trans. Aerosp. Electron. Syst. 2022, 59, 2085–2088. DOI: https://doi.org/10.1109/TAES.2022.3190238

Risk Assessment and Mitigation Strategies in Medical Informatics for Cybersecurity and Patient Data Protection

Authors

DOI:

Keywords:

Abstract

References

Downloads

Published

Issue

Section

License

How to Cite

Latest publications