Incident Handling for Healthcare Organizations and Supply-Chains

2022 IEEE Symposium on Computers and Communications (ISCC) Pub Date : 2022-06-30 DOI:10.1109/ISCC55528.2022.9912965

Eftychia Lakka, George Hatzivasilis, Stylianos Karagiannis, Andreas D. Alexopoulos, M. Athanatos, S. Ioannidis, Manolis Chatzimpyrros, Grigoris Kalogiannis, G. Spanoudakis

{"title":"Incident Handling for Healthcare Organizations and Supply-Chains","authors":"Eftychia Lakka, George Hatzivasilis, Stylianos Karagiannis, Andreas D. Alexopoulos, M. Athanatos, S. Ioannidis, Manolis Chatzimpyrros, Grigoris Kalogiannis, G. Spanoudakis","doi":"10.1109/ISCC55528.2022.9912965","DOIUrl":null,"url":null,"abstract":"Healthcare ecosystems form a critical type of infrastructures that provide valuable services in today societies. However, the underlying sensitive information is also of interest of malicious entities around the globe, with the attack volume being continuously increasing. Safeguarding this complex computerized setting constitutes a major challenge for the involved organizations. This paper presents an incident handling system for healthcare organizations and their supply-chain. The proposed approach utilizes swarm intelligence in order to assess the current security posture in a continuous basis and respond to attacks in real-time. The overall solution is based on the related NIST 800.61 standard and implements the operations of i) preparation, ii) detection and analysis, iii) containment, eradication, and recovery, and iv) post-incident activity. The system is developed under the EU funded project AI4HEALTHSEC and is applied in the relevant healthcare pilots.","PeriodicalId":309606,"journal":{"name":"2022 IEEE Symposium on Computers and Communications (ISCC)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE Symposium on Computers and Communications (ISCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC55528.2022.9912965","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Healthcare ecosystems form a critical type of infrastructures that provide valuable services in today societies. However, the underlying sensitive information is also of interest of malicious entities around the globe, with the attack volume being continuously increasing. Safeguarding this complex computerized setting constitutes a major challenge for the involved organizations. This paper presents an incident handling system for healthcare organizations and their supply-chain. The proposed approach utilizes swarm intelligence in order to assess the current security posture in a continuous basis and respond to attacks in real-time. The overall solution is based on the related NIST 800.61 standard and implements the operations of i) preparation, ii) detection and analysis, iii) containment, eradication, and recovery, and iv) post-incident activity. The system is developed under the EU funded project AI4HEALTHSEC and is applied in the relevant healthcare pilots.

查看原文本刊更多论文

针对医疗保健组织和供应链的事件处理

医疗保健生态系统构成了一种关键类型的基础设施，在当今社会提供有价值的服务。然而，随着攻击量的不断增加，底层的敏感信息也成为全球恶意实体的兴趣所在。保护这一复杂的计算机化环境是有关组织面临的一项重大挑战。本文为医疗保健组织及其供应链提供了一个事件处理系统。该方法利用群体智能来持续评估当前的安全状态，并实时响应攻击。整体解决方案基于相关的NIST 800.61标准，并实施i)准备、ii)检测和分析、iii)遏制、根除和恢复以及iv)事件后活动的操作。该系统是在欧盟资助的AI4HEALTHSEC项目下开发的，并在相关的医疗保健试点中应用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2022 IEEE Symposium on Computers and Communications (ISCC)

自引率

0.00%

发文量