Cybersecurity and Privacy Capabilities Model for Data Management Against Cyber-Attacks in the Health Sector

Humberto Luis Salcedo Jara; Henry Bryan Pérez Navarro; Jimmy Armas-Aguirre

doi:10.1007/978-3-030-75680-2_40

Cybersecurity and Privacy Capabilities Model for Data Management Against Cyber-Attacks in the Health Sector

Humberto Luis Salcedo Jara, Henry Bryan Pérez Navarro, Jimmy Armas-Aguirre

Facultad de Ingeniería

Universidad Peruana de Ciencias Aplicadas

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución a la conferencia › revisión exhaustiva

6 Citas (Scopus)

Resumen

In this paper, we propose a model of capabilities that identify the reliability degree of Cybersecurity and Privacy elements applied to the Health Sector. The increasing interactions between technology and the health sector have brought a new set of risks to be confronted, such as data breaches and cyberattacks. However, in order to improve, a greater understanding of their current situation is needed. The proposal identifies the capability level for the organizations to know their maturity level comprehensively. This was achieved by selecting existing models, frameworks, and regulations, increasing their complexity, integrating their privacy and cybersecurity capabilities, and health data management. In this way, the proposal is supported by a tool prepared for outcome estimation and diagnosis. The model structure is organized into categories and subcategories, and the assessment is made according to the level of compliance with controls, for which five levels of maturity were defined: 1. Basic, 2. In Progress, 3. Defined, 4. Differentiated, 5. Continuous Improvement. The model was validated and proven in a private hospital in Lima, Peru. The preliminary results are related to the model application in the selected process. As a result, we found that the private hospital obtained a level of maturity of 2-In Progress. Based on this, we made some recommendations to improve the capacities of the assessed health provider. A comparison was made between the proposed model's results and the ones obtained through its root components. Said results were similar, thus proving that a coherent and comprehensive integration was achieved.

Idioma original	Inglés
Título de la publicación alojada	Proceedings of the 6th Brazilian Technology Symposium, BTSym 2020 - Emerging Trends and Challenges in Technology
Editores	Yuzo Iano, Osamu Saotome, Guillermo Kemper, Ana Claudia Mendes de Seixas, Gabriel Gomes de Oliveira
Editorial	Springer Science and Business Media Deutschland GmbH
Páginas	359-367
Número de páginas	9
ISBN (versión impresa)	9783030756796
DOI	https://doi.org/10.1007/978-3-030-75680-2_40
Estado	Publicada - 2021
Evento	6th Brazilian Technology Symposium, BTSym 2020 - Virtual, Online Duración: 26 oct. 2020 → 28 oct. 2020

Serie de la publicación

Nombre	Smart Innovation, Systems and Technologies
Volumen	233
ISSN (versión impresa)	2190-3018
ISSN (versión digital)	2190-3026

Conferencia

Conferencia	6th Brazilian Technology Symposium, BTSym 2020
Ciudad	Virtual, Online
Período	26/10/20 → 28/10/20

Acceder al documento

10.1007/978-3-030-75680-2_40

Otros archivos y enlaces

Enlace a la publicación en Scopus

Citar esto

Jara, H. L. S., Navarro, H. B. P., & Armas-Aguirre, J. (2021). Cybersecurity and Privacy Capabilities Model for Data Management Against Cyber-Attacks in the Health Sector. En Y. Iano, O. Saotome, G. Kemper, A. C. Mendes de Seixas, & G. Gomes de Oliveira (Eds.), Proceedings of the 6th Brazilian Technology Symposium, BTSym 2020 - Emerging Trends and Challenges in Technology (pp. 359-367). (Smart Innovation, Systems and Technologies; Vol. 233). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-75680-2_40

Jara, Humberto Luis Salcedo ; Navarro, Henry Bryan Pérez ; Armas-Aguirre, Jimmy. / Cybersecurity and Privacy Capabilities Model for Data Management Against Cyber-Attacks in the Health Sector. Proceedings of the 6th Brazilian Technology Symposium, BTSym 2020 - Emerging Trends and Challenges in Technology. editor / Yuzo Iano ; Osamu Saotome ; Guillermo Kemper ; Ana Claudia Mendes de Seixas ; Gabriel Gomes de Oliveira. Springer Science and Business Media Deutschland GmbH, 2021. pp. 359-367 (Smart Innovation, Systems and Technologies).

@inproceedings{dd684e9deab446b89b4accb6a2c7f283,

title = "Cybersecurity and Privacy Capabilities Model for Data Management Against Cyber-Attacks in the Health Sector",

abstract = "In this paper, we propose a model of capabilities that identify the reliability degree of Cybersecurity and Privacy elements applied to the Health Sector. The increasing interactions between technology and the health sector have brought a new set of risks to be confronted, such as data breaches and cyberattacks. However, in order to improve, a greater understanding of their current situation is needed. The proposal identifies the capability level for the organizations to know their maturity level comprehensively. This was achieved by selecting existing models, frameworks, and regulations, increasing their complexity, integrating their privacy and cybersecurity capabilities, and health data management. In this way, the proposal is supported by a tool prepared for outcome estimation and diagnosis. The model structure is organized into categories and subcategories, and the assessment is made according to the level of compliance with controls, for which five levels of maturity were defined: 1. Basic, 2. In Progress, 3. Defined, 4. Differentiated, 5. Continuous Improvement. The model was validated and proven in a private hospital in Lima, Peru. The preliminary results are related to the model application in the selected process. As a result, we found that the private hospital obtained a level of maturity of 2-In Progress. Based on this, we made some recommendations to improve the capacities of the assessed health provider. A comparison was made between the proposed model's results and the ones obtained through its root components. Said results were similar, thus proving that a coherent and comprehensive integration was achieved.",

keywords = "Cyber threat intelligence, Cybersecurity, Dark web, Maturity model",

author = "Jara, \{Humberto Luis Salcedo\} and Navarro, \{Henry Bryan P{\'e}rez\} and Jimmy Armas-Aguirre",

note = "Publisher Copyright: {\textcopyright} 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG.; 6th Brazilian Technology Symposium, BTSym 2020 ; Conference date: 26-10-2020 Through 28-10-2020",

year = "2021",

doi = "10.1007/978-3-030-75680-2\_40",

language = "Ingl{\'e}s",

isbn = "9783030756796",

series = "Smart Innovation, Systems and Technologies",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "359--367",

editor = "Yuzo Iano and Osamu Saotome and Guillermo Kemper and \{Mendes de Seixas\}, \{Ana Claudia\} and \{Gomes de Oliveira\}, Gabriel",

booktitle = "Proceedings of the 6th Brazilian Technology Symposium, BTSym 2020 - Emerging Trends and Challenges in Technology",

}

Jara, HLS, Navarro, HBP & Armas-Aguirre, J 2021, Cybersecurity and Privacy Capabilities Model for Data Management Against Cyber-Attacks in the Health Sector. En Y Iano, O Saotome, G Kemper, AC Mendes de Seixas & G Gomes de Oliveira (eds.), Proceedings of the 6th Brazilian Technology Symposium, BTSym 2020 - Emerging Trends and Challenges in Technology. Smart Innovation, Systems and Technologies, vol. 233, Springer Science and Business Media Deutschland GmbH, pp. 359-367, 6th Brazilian Technology Symposium, BTSym 2020, Virtual, Online, 26/10/20. https://doi.org/10.1007/978-3-030-75680-2_40

Cybersecurity and Privacy Capabilities Model for Data Management Against Cyber-Attacks in the Health Sector. / Jara, Humberto Luis Salcedo; Navarro, Henry Bryan Pérez; Armas-Aguirre, Jimmy.
Proceedings of the 6th Brazilian Technology Symposium, BTSym 2020 - Emerging Trends and Challenges in Technology. ed. / Yuzo Iano; Osamu Saotome; Guillermo Kemper; Ana Claudia Mendes de Seixas; Gabriel Gomes de Oliveira. Springer Science and Business Media Deutschland GmbH, 2021. p. 359-367 (Smart Innovation, Systems and Technologies; Vol. 233).

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución a la conferencia › revisión exhaustiva

TY - GEN

T1 - Cybersecurity and Privacy Capabilities Model for Data Management Against Cyber-Attacks in the Health Sector

AU - Jara, Humberto Luis Salcedo

AU - Navarro, Henry Bryan Pérez

AU - Armas-Aguirre, Jimmy

PY - 2021

Y1 - 2021

N2 - In this paper, we propose a model of capabilities that identify the reliability degree of Cybersecurity and Privacy elements applied to the Health Sector. The increasing interactions between technology and the health sector have brought a new set of risks to be confronted, such as data breaches and cyberattacks. However, in order to improve, a greater understanding of their current situation is needed. The proposal identifies the capability level for the organizations to know their maturity level comprehensively. This was achieved by selecting existing models, frameworks, and regulations, increasing their complexity, integrating their privacy and cybersecurity capabilities, and health data management. In this way, the proposal is supported by a tool prepared for outcome estimation and diagnosis. The model structure is organized into categories and subcategories, and the assessment is made according to the level of compliance with controls, for which five levels of maturity were defined: 1. Basic, 2. In Progress, 3. Defined, 4. Differentiated, 5. Continuous Improvement. The model was validated and proven in a private hospital in Lima, Peru. The preliminary results are related to the model application in the selected process. As a result, we found that the private hospital obtained a level of maturity of 2-In Progress. Based on this, we made some recommendations to improve the capacities of the assessed health provider. A comparison was made between the proposed model's results and the ones obtained through its root components. Said results were similar, thus proving that a coherent and comprehensive integration was achieved.

AB - In this paper, we propose a model of capabilities that identify the reliability degree of Cybersecurity and Privacy elements applied to the Health Sector. The increasing interactions between technology and the health sector have brought a new set of risks to be confronted, such as data breaches and cyberattacks. However, in order to improve, a greater understanding of their current situation is needed. The proposal identifies the capability level for the organizations to know their maturity level comprehensively. This was achieved by selecting existing models, frameworks, and regulations, increasing their complexity, integrating their privacy and cybersecurity capabilities, and health data management. In this way, the proposal is supported by a tool prepared for outcome estimation and diagnosis. The model structure is organized into categories and subcategories, and the assessment is made according to the level of compliance with controls, for which five levels of maturity were defined: 1. Basic, 2. In Progress, 3. Defined, 4. Differentiated, 5. Continuous Improvement. The model was validated and proven in a private hospital in Lima, Peru. The preliminary results are related to the model application in the selected process. As a result, we found that the private hospital obtained a level of maturity of 2-In Progress. Based on this, we made some recommendations to improve the capacities of the assessed health provider. A comparison was made between the proposed model's results and the ones obtained through its root components. Said results were similar, thus proving that a coherent and comprehensive integration was achieved.

KW - Cyber threat intelligence

KW - Cybersecurity

KW - Dark web

KW - Maturity model

UR - https://www.scopus.com/pages/publications/85111363780

U2 - 10.1007/978-3-030-75680-2_40

DO - 10.1007/978-3-030-75680-2_40

M3 - Contribución a la conferencia

AN - SCOPUS:85111363780

SN - 9783030756796

T3 - Smart Innovation, Systems and Technologies

SP - 359

EP - 367

BT - Proceedings of the 6th Brazilian Technology Symposium, BTSym 2020 - Emerging Trends and Challenges in Technology

A2 - Iano, Yuzo

A2 - Saotome, Osamu

A2 - Kemper, Guillermo

A2 - Mendes de Seixas, Ana Claudia

A2 - Gomes de Oliveira, Gabriel

PB - Springer Science and Business Media Deutschland GmbH

T2 - 6th Brazilian Technology Symposium, BTSym 2020

Y2 - 26 October 2020 through 28 October 2020

ER -

Jara HLS, Navarro HBP, Armas-Aguirre J. Cybersecurity and Privacy Capabilities Model for Data Management Against Cyber-Attacks in the Health Sector. En Iano Y, Saotome O, Kemper G, Mendes de Seixas AC, Gomes de Oliveira G, editores, Proceedings of the 6th Brazilian Technology Symposium, BTSym 2020 - Emerging Trends and Challenges in Technology. Springer Science and Business Media Deutschland GmbH. 2021. p. 359-367. (Smart Innovation, Systems and Technologies). doi: 10.1007/978-3-030-75680-2_40

Cybersecurity and Privacy Capabilities Model for Data Management Against Cyber-Attacks in the Health Sector

Resumen

Serie de la publicación

Conferencia

Acceder al documento

Otros archivos y enlaces

Huella

Citar esto