A Practical Experience Applying Security Audit Techniques in An Industrial Healthcare System
Healthcare institutions are an ever-innovative field, where modernization is advancing by leaps and bounds. This modernization, called “digitization”, brings with it some concerns that need to be taken into account. The aim of this work is to present away to combine the advantages of cybersecurity a...
| Autores: | , , , |
|---|---|
| Tipo de recurso: | capítulo de libro |
| Estado: | Versión aceptada para publicación |
| Fecha de publicación: | 2022 |
| País: | España |
| Institución: | Universidad de Sevilla (US) |
| Repositorio: | idUS. Depósito de Investigación de la Universidad de Sevilla |
| OAI Identifier: | oai:idus.us.es:11441/168828 |
| Acceso en línea: | https://hdl.handle.net/11441/168828 https://doi.org/10.1007/978-3-030-93453-8_1 |
| Access Level: | acceso abierto |
| Palabra clave: | Artificial intelligence Cybersecurity Healthcare Pentesting Security |
| Sumario: | Healthcare institutions are an ever-innovative field, where modernization is advancing by leaps and bounds. This modernization, called “digitization”, brings with it some concerns that need to be taken into account. The aim of this work is to present away to combine the advantages of cybersecurity and artificial intelligence to protect what is of most concern: electronic medical records and the privacy of patient data. Health-related data in healthcare systems are subject to strict regulations, such as the EU’s General Data Protection Regulation (GDPR), non-compliance with which imposes huge penalties and fines. Healthcare cybersecurity plays an important role in protecting this sensitive data, which is highly valuable to criminals. The methodology used to perform a security assessment process has been orchestrated with frameworks that make the audit process as comprehensive and organized as possible. The results of this study include a security audit on an industrial scenario currently in production. An exploitation and vulnerability analysis has been performed, and more that 450 vulnerabilities has been found. This chapter outlines a systematic approach using artificial intelligence to enable the system security team to facilitate the process of conducting a security audit taking into account the sensitivity of their systems. |
|---|