The number of cyber-attacks around the world exploded in 2020: exploiting the Covid-19 pandemic as an opportunity for cybercriminals to take advantage of the shift in focus towards smart working and hospital staff transferred to the frontline.
This study (January 2019) investigates cybersecurity indexes relevant to the healthcare sector. These indexes are important as they measure security preparedness and capabilities for resilience to cyber-attacks and vulnerabilities.
Abstract: This study aimed to explore the cybersecurity landscape to identify cybersecurity indexes that may be relevant to the health industry. While the healthcare sector poses security concerns regarding patients' records, cybersecurity in the healthcare sector has not been given much consideration. Cybersecurity indexes are a survey that measures security preparedness and capabilities of a country or organisation. An index is made up of a series of questions, often broken into categories. These categories target areas such as law, technical responses, organisational threats, capacity building and social context. Some indexes provide ranking capabilities against other countries, while others directly evaluate what it means to be cyber-ready.
Methods: In this paper, cybersecurity indexes were reviewed regarding the level of assessment (country level/organisation level), and their consideration of the wider community, the health sector, and their appearance in academic literature.
Results: This study found that there was no consistency between the indexes investigated, with each index having a diverse number of categories and indicators. Some indexes resulted in a score; others did not rank their results in league tables. Evidence to calculate the level of adherence was often obtained from secondary sources, with four of the country indexes using both primary and secondary sources. Eight (out of fourteen) indexes measured wider community indicators and only one index specifically measured eHealth services.
Conclusions: Findings from the initial systematic review suggest that hardly any peer-reviewed journal articles exist on the topic of cybersecurity indexes. The paper concludes that most of the indexes studied are broad and do not consider the eHealth sector specifically. Each index relies on a different process to gauge cybersecurity, with little to no academic rigour. It is expected that this research will contribute to the current (limited) literature addressing cybersecurity indexes.
Proceedings of the Australasian Computer Science Week Multiconference Article No. 17.
PANACEA Research perspectives: This paper is of general interest to PANACEA as it pinpoints a gap in research in terms of peer-reviewed articles on cybersecurity indexes.
Keywords: Cybersecurity indexes, healthcare.
Lookout Watch entry date: 07/08/2019.