Hospitals' Cybersecurity Culture during the COVID-19 Crisis

被引:7
作者
Georgiadou, Anna [1 ]
Michalitsi-Psarrou, Ariadni [1 ]
Gioulekas, Fotios
Stamatiadis, Evangelos [2 ]
Tzikas, Athanasios [2 ]
Gounaris, Konstantinos [2 ]
Doukas, Georgios [1 ]
Ntanos, Christos [1 ]
Landeiro Ribeiro, Luis [3 ]
Askounis, Dimitris [1 ]
机构
[1] Natl Tech Univ Athens, Decis Support Syst Lab, Iroon Polytech 9, Athens 15780, Greece
[2] 5th Reg Hlth Author Thessaly & Sterea, Mezourlo 41110, Larissa, Greece
[3] Projeto Desenvolvimento Manutencao Formacao & Con, Rua Fradesso da Silveira 4,Piso 1 B, P-1300609 Lisbon, Portugal
基金
欧盟地平线“2020”;
关键词
cybersecurity culture; COVID-19; security assessment; phishing; health domain; HEALTH;
D O I
10.3390/healthcare9101335
中图分类号
R19 [保健组织与事业(卫生事业管理)];
学科分类号
摘要
The coronavirus pandemic led to an unprecedented crisis affecting all aspects of the concurrent reality. Its consequences vary from political and societal to technical and economic. These side effects provided fertile ground for a noticeable cyber-crime increase targeting critical infrastructures and, more specifically, the health sector; the domain suffering the most during the pandemic. This paper aims to assess the cybersecurity culture readiness of hospitals' workforce during the COVID-19 crisis. Towards that end, a cybersecurity awareness webinar was held in December 2020 targeting Greek Healthcare Institutions. Concepts of cybersecurity policies, standards, best practices, and solutions were addressed. Its effectiveness was evaluated via a two-step procedure. Firstly, an anonymous questionnaire was distributed at the end of the webinar and voluntarily answered by attendees to assess the comprehension level of the presented cybersecurity aspects. Secondly, a post-evaluation phishing campaign was conducted approximately four months after the webinar, addressing non-medical employees. The main goal was to identify security awareness weaknesses and assist in drafting targeted assessment campaigns specifically tailored to the health domain needs. This paper analyses in detail the results of the aforementioned approaches while also outlining the lessons learned along with the future scientific routes deriving from this research.
引用
收藏
页数:21
相关论文
共 57 条
[1]  
Akbar N., 2014, THESIS U TWENTE ENSC
[2]   A Survey of Phishing Email Filtering Techniques [J].
Almomani, Ammar ;
Gupta, B. B. ;
Atawneh, Samer ;
Meulenberg, A. ;
Almomani, Eman .
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 2013, 15 (04) :2070-2090
[3]  
Alzahrani A, 2020, INT J ADV COMPUT SC, V11, P154
[4]  
[Anonymous], 2021, SPHINX H2020 PROJECT
[5]  
[Anonymous], 2021, Updated estimates an analysis
[6]   Cybersecurity of Hospitals: discussing the challenges and working towards mitigating the risks [J].
Argaw, Salem T. ;
Troncoso-Pastoriza, Juan R. ;
Lacey, Darren ;
Florin, Marie-Valentine ;
Calcavecchia, Franck ;
Anderson, Denise ;
Burleson, Wayne ;
Vogel, Jan-Michael ;
O'Leary, Chana ;
Eshaya-Chauvin, Bruce ;
Flahault, Antoine .
BMC MEDICAL INFORMATICS AND DECISION MAKING, 2020, 20 (01)
[7]  
Bick A., 2020, WORK HOME COVID 19 O, DOI [10.24149/wp2017, DOI 10.24149/WP2017R1, 10.24149/wp2017r1]
[8]  
Blanco A.G, 2020, BBVA 0427
[9]   A Study into Data Analysis and Visualisation to increase the Cyber-Resilience of Healthcare Infrastructures [J].
Boddy, Aaron ;
Hurst, William ;
Mackay, Michael ;
El Rhalibi, Abdennour .
PROCEEDINGS OF THE 1ST INTERNATIONAL CONFERENCE ON INTERNET OF THINGS AND MACHINE LEARNING (IML'17), 2017,
[10]  
Cimpanu C., 2020, ZDNet