This cyberwatching.eu webinar in November 2020 looked at the practical aspects of risk management, tools and the broader scheme, such as how to do it cost effectively and optimising resources while keeping the right level of security. 

PANACEA was among the projects developing new risk management solutions giving lightning talks. Fabrizio De Vecchis from RHEA presented “people-centric risk management for healthcare”, thematically focusing on the PANACEA dynamic risk management platform. 

Part of the PANACEA cybersecurity toolkit, the DRMP enables the computation of all possible attack paths on multiple layers, spanning the network, access to IT systems and humans, to protect complex hospital IT infrastructure. It quantitatively assesses the current level of risk through a multi-dimensional threat analysis and its business impact. An innovative aspect of DRMP is the multi-dimensional attack model, reflecting the role played by human behaviours in the development of a cyber-attack. The model tries to capture how human users access ICT and medical devices, identifying human vulnerabilities that can be exploited to materialise the most common threats in healthcare organisations.

DRMP is tested at the Gemelli University Hospital and its Laboratory of Systems with connected medical devices (Point of Care Testing) for urgent blood analysis. It is also tested by the Irish Health Service Executive with monitor control systems in hospitals and wireless connected medical devices used by patients. 

DRMP is developed by RHEA, RINA and the Sapienza University of Rome. Validation of the tool is starting in Q1-2021. 

PANACEA lightning talk on the video recording: 02:36-02:48

Fabrizio De Vecchis, RHEA, People-centric Risk Management for Healthcare

Watch the cyberwatching.eu webinar recording and download slides here

Download the full report about the Cyberwatching.eu Webinar on Risk Management here