Risk Assessment and Mitigation Strategies in Medical Informatics for Cybersecurity and Patient Data Protection
DOI:
https://doi.org/10.56294/mw2024504Keywords:
Medical Informatics, Cybersecurity, Patient Data Protection, Risk Mitigation Strategies, Healthcare System SecurityAbstract
While combining modern technology with medical analytics has greatly improved healthcare services, it has also generated several questions over hacking and patient data protection. The risks healthcare companies confront becoming more complex as more of them use telemedicine, electronic health records (EHRs), and other digital technologies. Cyberattacks on private patient data and healthcare systems may have disastrous effects including data breaches, lost vital services, and individuals entering medical records without authorisation. Regarding hacking, this paper examines the hazards associated with medical computers with an eye on the weaknesses in the present healthcare system. It identifies the primary hazards to data integrity and patient risk including ransomware, hacking, and insider threats. Furthermore discussed in the paper are some approaches to enhance medical computer safety. Among these strategies are strong encryption, secure login systems, and continuous monitoring tools capable of locating and reacting to security concerns in real time. The article also discusses the need of strong legal frameworks requiring best practices for data security and the need of healthcare professionals learning about hacking. Furthermore underlined is the need of developing a security attitude within healthcare institutions in order to resist fresh internet risks. Finally, the study advises greater research and development to ensure patient data is safer and offers instances of improved approaches to manage risks in healthcare systems. Maintaining confidence, adhering to regulations, and the overall performance of healthcare delivery systems as healthcare providers become digital depend critically on patient data being secure and private.
References
Al-Araji, Z.J.; Ahmad, S.S.S.; Abdullah, R. Attack Prediction to Enhance Attack Path Discovery Using Improved Attack Graph. Karbala Int. J. Mod. Sci. 2022, 8, 313–329.
Kanakogi, K.; Washizaki, H.; Fukazawa, Y.; Ogata, S.; Okubo, T.; Kato, T.; Kanuka, H.; Hazeyama, A.; Yoshioka, N. Tracing cve vulnerability information to capec attack patterns using natural language processing techniques. Information 2021, 12, 298.
Snmez, F.Z.; Hankin, C.; Malacaria, P. Attack dynamics: An automatic attack graph generation framework based on system topology, CAPEC, CWE, and CVE databases. Comput. Secur. 2022, 123, 102938.
Kure, H.; Islam, S.; Ghazanfar, M.; Raza, A.; Pasha, M. Asset criticality and risk prediction for an effective cybersecurity risk management of cyber-physical system. Neural Comput. Appl. 2021, 34, 493–514.
Melaku, H.M. Context-Based and Adaptive Cybersecurity Risk Management Framework. Risks 2023, 11, 101.
Zeng, Z.; Yang, Z.; Huang, D.; Chung, C.-J. LICALITY—Likelihood and Criticality: Vulnerability Risk Prioritization Through Logical Reasoning and Deep Learning. IEEE Trans. Netw. Serv. Manag. 2022, 19, 1746–1760.
Kanakogi, K.; Washizaki, H.; Fukazawa, Y.; Ogata, S.; Okubo, T.; Kato, T.; Kanuka, H.; Hazeyama, A.; Yoshioka, N. Comparative Evaluation of NLP-Based Approaches for Linking CAPEC Attack Patterns from CVE Vulnerability Information. Appl. Sci. 2022, 12, 3400.
Mizrak, F. Integrating Cybersecurity Risk Management into Strategic Management: A Comprehensive Literature Review. Res. J. Bus. Manag. 2023, 10, 98–108.
Kotsias, J.; Ahmad, A.; Scheepers, R. Adopting and integrating cyber-threat intelligence in a commercial organisation. Eur. J. Inf. Syst. 2023, 32, 35–51.
Ferreira, D.J.; Mateus-Coelho, N.; Mamede, H.S. Methodology for Predictive Cyber Security Risk Assessment (PCSRA). Procedia Comput. Sci. 2023, 219, 1555–1563.
Cheimonidis, P.; Rantos, K. Dynamic Risk Assessment in Cybersecurity: A Systematic Literature Review. Future Internet 2023, 15, 324.
Tanmaya Kumar Swain. (2015). Research & Development : Higher Education in India. International Journal on Research and Development - A Management Review, 4(2), 53 - 58.
El Amin, H.; Oueidat, L.; Chamoun, M.; Samhat, A.E.; Feghali, A. Blockchain-based multi-organizational cyber risk management framework for collaborative environments. Int. J. Inf. Secur. 2023, 23, 1231–1249.
Djenna, A.; Harous, S.; Saidouni, D.E. Internet of Things Meet Internet of Threats: New Concern Cyber Security Issues of Critical Cyber Infrastructure. Appl. Sci. 2021, 11, 4580.
Echeverría, A.; Cevallos, C.; Ortiz-Garces, I.; Andrade, R.O. Cybersecurity Model Based on Hardening for Secure Internet of Things Implementation. Appl. Sci. 2021, 11, 3260.
Almomani, O.; Almaiah, M.A.; Alsaaidah, A.; Smadi, S.; Mohammad, A.H.; Althunibat, A. Machine learning classifiers for network intrusion detection system: Comparative study. In Proceedings of the 2021 International Conference on Information Technology (ICIT), Amman, Jordan, 14–15 July 2021; pp. 440–445.
Lin, Z.; Lin, M.; Champagne, B.; Zhu, W.-P.; Al-Dhahir, N. Secrecy-Energy Efficient Hybrid Beamforming for Satellite-Terrestrial Integrated Networks. IEEE Trans. Commun. 2021, 69, 6345–6360.
Lin, Z.; An, K.; Niu, H.; Hu, Y.; Chatzinotas, S.; Zheng, G.; Wang, J. SLNR-based Secure Energy Efficient Beamforming in Multibeam Satellite Systems. IEEE Trans. Aerosp. Electron. Syst. 2022, 59, 2085–2088.
Published
Issue
Section
License
Copyright (c) 2024 Swarna Swetha Kolaventi, Duryodhan Jena, Kothakonda Sairam, Hitesh Kalra, Mridula Gupta, Sumol Ratna, Pooja Varma (Author)
This work is licensed under a Creative Commons Attribution 4.0 International License.
The article is distributed under the Creative Commons Attribution 4.0 License. Unless otherwise stated, associated published material is distributed under the same licence.
