The number of cyber-attacks around the world exploded in 2020, as cybercriminals exploited the Covid-19 pandemic to take advantage of the shift in focus towards smart working and the transfer of hospital staff to the frontline.
Extended research paper (submitted February 2022): Public and private healthcare organisations: a socio-technical model for identifying cybersecurity aspects, K. Anastasopoulou, P. Mari, A. Magkanaraki, E. Spanakis, S. Magalini, M. Merialdo, V. Sakkalis, Journal of Engineering Research and Sciences (JENRS), Feb 2022
European healthcare organisations have met growing common challenges. Health services have been identified at EU level as essential for the maintenance of critical societal and/or economic activities. Furthermore, patient safety and personal data are at risk in daily operations. ICT penetration and the increasing connectivity of devices within a healthcare organisation inevitably lead to a growing dependency on them. Therefore, a solid cybersecurity prevention strategy is needed, and its solidity depends on its capability to capture the specificities of health services.
The article describes a socio-technical modelling approach, set up by the H2020 PANACEA project, based on four models: Healthcare Organization (HCOM), Medical Device Lifecycle, Information System Lifecycle, and Cybersecurity System. The proposed models can identify cybersecurity aspects, map cybersecurity interventions, and compare cybersecurity solutions for healthcare organisations, which, by default, are large organisations with complicated structures. Focusing on the HCOM model, this paper presents a methodological tool for identifying the socio-technical structure (technical and non-technical) of a healthcare organisation from the cybersecurity perspective, one that is valuable for both public and private healthcare organisations.