The growing adoption of IT solutions in the healthcare sector is accompanied by a steady increase in cybersecurity incidents. In response to this phenomenon regulations, standards, and best practices have been introduced to address cybersecurity and data protection issues in this sector. However, applying this large corpus of documents poses several operational hurdles, while operators continue to lag behind the growing number of cyber attacks. This paper contributes a Systematization of Knowledge (SoK) of the main cybersecurity documents relevant to the healthcare sector. We collected and analyzed 49 relevant documents and used the NIST Cybersecurity Framework as a taxonomical instrument to categorize key information extracted through a three-step analysis. We provide and quantify seven findings emerging from this analysis and propose a way to exploit the extracted measures to support cybersecurity assessments.
Dettaglio pubblicazione
2023, 2023 IEEE International Conference on Intelligence and Security Informatics (ISI), Pages -6
SoK: Cybersecurity Regulations, Standards and Guidelines for the Healthcare Sector (04b Atto di convegno in volume)
Carello MARIA PATRIZIA, Marchetti-Spaccamela Alberto, Querzoni Leonardo, Angelini Marco
ISBN: 979-8-3503-3773-0
keywords