从失权到授权:制定医疗保健网络安全自我评估计划

IF 4.8 2区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Wendy Burke , Andrew Stranieri , Taiwo Oseni
{"title":"从失权到授权:制定医疗保健网络安全自我评估计划","authors":"Wendy Burke ,&nbsp;Andrew Stranieri ,&nbsp;Taiwo Oseni","doi":"10.1016/j.cose.2024.104148","DOIUrl":null,"url":null,"abstract":"<div><div>Due to the valuable and sensitive nature of its data, the Australian healthcare sector is increasingly targeted by cyberattacks. Existing cybersecurity evaluation methods often lack the specificity required to address the unique vulnerabilities within this sector, especially in terms of engaging stakeholders and fostering a proactive security culture. These evaluations often overlook psychological empowerment, which enhances individuals’ confidence in managing cybersecurity.</div><div>This study aims to develop a tailored cybersecurity self-assessment index for the Australian healthcare system. It will focus on enhancing psychological empowerment alongside technical assessments to improve overall sector resilience against cyber threats.</div><div>Using a design science research approach, the index was developed using expert reviews, online surveys, and in-depth interviews with key stakeholders, including healthcare providers, consumers, and government entities. This iterative process involved identifying gaps in existing cybersecurity measures and designing an index to address technical and human factors.</div><div>The index’s evaluation through a pilot study revealed that it effectively raised awareness and empowered individuals within the healthcare sector to take ownership of cybersecurity practices. Participants reported increased confidence in managing cybersecurity risks and found the index’s actionable recommendations helpful in improving their security posture. However, challenges related to its applicability across diverse healthcare environments and regulatory constraints were identified.</div><div>The Australian Healthcare Cybersecurity Self-Assessment Index shows promise as a tool for strengthening cybersecurity in the healthcare sector by integrating psychological empowerment with technical assessments. Further research is needed to refine the tool, incorporate quantitative data, and explore its scalability across different healthcare settings and global applications.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"148 ","pages":"Article 104148"},"PeriodicalIF":4.8000,"publicationDate":"2024-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"From Dis-empowerment to empowerment: Crafting a healthcare cybersecurity self-assessment\",\"authors\":\"Wendy Burke ,&nbsp;Andrew Stranieri ,&nbsp;Taiwo Oseni\",\"doi\":\"10.1016/j.cose.2024.104148\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Due to the valuable and sensitive nature of its data, the Australian healthcare sector is increasingly targeted by cyberattacks. Existing cybersecurity evaluation methods often lack the specificity required to address the unique vulnerabilities within this sector, especially in terms of engaging stakeholders and fostering a proactive security culture. These evaluations often overlook psychological empowerment, which enhances individuals’ confidence in managing cybersecurity.</div><div>This study aims to develop a tailored cybersecurity self-assessment index for the Australian healthcare system. It will focus on enhancing psychological empowerment alongside technical assessments to improve overall sector resilience against cyber threats.</div><div>Using a design science research approach, the index was developed using expert reviews, online surveys, and in-depth interviews with key stakeholders, including healthcare providers, consumers, and government entities. This iterative process involved identifying gaps in existing cybersecurity measures and designing an index to address technical and human factors.</div><div>The index’s evaluation through a pilot study revealed that it effectively raised awareness and empowered individuals within the healthcare sector to take ownership of cybersecurity practices. Participants reported increased confidence in managing cybersecurity risks and found the index’s actionable recommendations helpful in improving their security posture. However, challenges related to its applicability across diverse healthcare environments and regulatory constraints were identified.</div><div>The Australian Healthcare Cybersecurity Self-Assessment Index shows promise as a tool for strengthening cybersecurity in the healthcare sector by integrating psychological empowerment with technical assessments. Further research is needed to refine the tool, incorporate quantitative data, and explore its scalability across different healthcare settings and global applications.</div></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":\"148 \",\"pages\":\"Article 104148\"},\"PeriodicalIF\":4.8000,\"publicationDate\":\"2024-10-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S016740482400453X\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S016740482400453X","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

由于其数据的宝贵性和敏感性,澳大利亚医疗保健行业日益成为网络攻击的目标。现有的网络安全评估方法往往缺乏针对性,无法解决该行业特有的脆弱性问题,特别是在吸引利益相关者参与和培养积极主动的安全文化方面。本研究旨在为澳大利亚医疗系统量身定制网络安全自我评估指数。本研究旨在为澳大利亚医疗保健系统开发量身定制的网络安全自我评估指数,在进行技术评估的同时,还将重点加强心理赋权,以提高医疗保健行业抵御网络威胁的整体能力。该指数采用设计科学研究方法,通过专家评审、在线调查以及与医疗保健提供商、消费者和政府实体等主要利益相关方的深入访谈来开发。这一迭代过程包括确定现有网络安全措施中的差距,并设计一个指数来解决技术和人为因素。通过试点研究对该指数进行评估后发现,该指数有效地提高了医疗保健行业内个人对网络安全实践的认识,并增强了他们对网络安全实践的主人翁意识。参与者表示对管理网络安全风险的信心有所增强,并认为指数中的可行建议有助于改善他们的安全态势。澳大利亚医疗保健网络安全自我评估指数将心理授权与技术评估相结合,有望成为加强医疗保健行业网络安全的工具。还需要进一步研究,以完善该工具,纳入定量数据,并探索其在不同医疗环境和全球应用中的可扩展性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
From Dis-empowerment to empowerment: Crafting a healthcare cybersecurity self-assessment
Due to the valuable and sensitive nature of its data, the Australian healthcare sector is increasingly targeted by cyberattacks. Existing cybersecurity evaluation methods often lack the specificity required to address the unique vulnerabilities within this sector, especially in terms of engaging stakeholders and fostering a proactive security culture. These evaluations often overlook psychological empowerment, which enhances individuals’ confidence in managing cybersecurity.
This study aims to develop a tailored cybersecurity self-assessment index for the Australian healthcare system. It will focus on enhancing psychological empowerment alongside technical assessments to improve overall sector resilience against cyber threats.
Using a design science research approach, the index was developed using expert reviews, online surveys, and in-depth interviews with key stakeholders, including healthcare providers, consumers, and government entities. This iterative process involved identifying gaps in existing cybersecurity measures and designing an index to address technical and human factors.
The index’s evaluation through a pilot study revealed that it effectively raised awareness and empowered individuals within the healthcare sector to take ownership of cybersecurity practices. Participants reported increased confidence in managing cybersecurity risks and found the index’s actionable recommendations helpful in improving their security posture. However, challenges related to its applicability across diverse healthcare environments and regulatory constraints were identified.
The Australian Healthcare Cybersecurity Self-Assessment Index shows promise as a tool for strengthening cybersecurity in the healthcare sector by integrating psychological empowerment with technical assessments. Further research is needed to refine the tool, incorporate quantitative data, and explore its scalability across different healthcare settings and global applications.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Computers & Security
Computers & Security 工程技术-计算机:信息系统
CiteScore
12.40
自引率
7.10%
发文量
365
审稿时长
10.7 months
期刊介绍: Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信