دانلود کتاب Understanding Cybersecurity Management in Healthcare: Challenges, Strategies and Trends (Progress in IS)

فهرست مطالب :

Preface
Acknowledgments
Contents
Chapter 1: The Healthcare Environment
1.1 Introduction
1.2 Categories of Healthcare
1.2.1 Healthcare Sectors
1.2.1.1 Healthcare Providers
1.2.1.2 Healthcare Financiers
1.2.1.3 Life Sciences
1.2.2 Hospital and Non-hospital Settings
1.2.2.1 Types of Hospitals
1.2.2.2 Non-hospital Sides of Healthcare
1.2.3 Public and Private Healthcare
1.2.4 Healthcare Levels
1.2.4.1 Primary Care
1.2.4.2 Secondary Care
1.2.4.3 Tertiary Care
1.2.4.4 Quaternary Care
1.3 Stakeholders in Healthcare
1.3.1 Categories of Stakeholders in Healthcare
1.3.1.1 External Stakeholders
1.3.1.2 Internal Stakeholders
1.3.1.3 Interface Stakeholders
1.3.2 Healthcare Stakeholder Management
1.3.2.1 Engaging Key Stakeholders in Healthcare
1.4 Public Healthcare Programs and Services
1.4.1 Public Health and Safety
1.4.2 Health Education and Promotion
1.4.3 Prevention and Wellness
1.4.4 Health Security
1.4.5 Healthcare Insurance
1.5 Areas of Higher Risk
1.5.1 Clinical Risks
1.5.2 Financial and Operational Risks
1.5.3 Legal and Regulatory Compliance Risks in Healthcare
1.5.4 Emerging Risks
1.5.5 Technology Risks in Healthcare
1.6 Chapter Summary
References
Chapter 2: The Basic of Cybersecurity Concept
2.1 Introduction
2.2 Cybersecurity Design Principles
2.3 Cybersecurity Basic Principles (CIAAA)
2.3.1 Confidentiality
2.3.2 Integrity
2.3.3 Availability
2.3.4 Authenticity
2.3.5 Accountability
2.4 Regulation
2.4.1 Cybercrime
2.4.2 Cybersecurity Laws and Regulations
2.5 Training and Development
2.6 Chapter Summary
References
Chapter 3: Defining Cybersecurity in Healthcare
3.1 Introduction
3.2 Basic Rationale of Cybersecurity in Healthcare
3.2.1 The Necessity of Cybersecurity in Healthcare
3.2.2 Applications of Cybersecurity in Healthcare
3.3 Categories of Cybersecurity in Healthcare
3.3.1 Common Cybersecurity Vulnerabilities in Healthcare Data
3.3.2 Common Cybersecurity Threats to Healthcare Data
3.3.3 Common Cybersecurity Attacks on Healthcare Data
3.4 Cybersecurity Objectives in Healthcare
3.4.1 Building a Secure Infrastructure
3.4.2 Securing Medical Endpoints
3.4.3 Implementing Consistent Security Standards
3.4.4 Making Security Easy for End-Users
3.5 Cybersecurity Design Considerations for Healthcare
3.5.1 Principles of Safety Systems Design in Healthcare Organizations
3.5.2 Sufficient Risk Assessments
3.5.3 Compliance before Security
3.5.4 Considering Security of Third-Party Providers
3.6 Developing the Healthcare Security System
3.6.1 Controlling Access to Sensitive Healthcare Information and Systems
3.6.2 Performing Continual Risk Assessments
3.6.3 Educating Users about their Role as the First Line of Defense
3.6.4 Preparing for Attacks and Breaches with a Backup and Recovery Plan
3.6.5 Adopting a Zero-Trust Security Model
3.7 Chapter Summary
References
Chapter 4: Data and Information Security
4.1 Introduction
4.2 Types of Data and Information in Healthcare
4.2.1 Electronic Health Records
4.2.2 Administrative Data
4.2.3 Claims Data
4.2.4 Patient/Disease Registries
4.2.5 Health Surveys
4.2.6 Clinical Trials Data
4.3 Information Security Methods
4.3.1 Authentication and Authorization
4.3.2 Encryption
4.3.3 Data Masking
4.3.4 Hardware-Based Security
4.3.5 Data Backup and Resilience
4.3.6 Data Erasure
4.4 Understanding Common Data Threats and Vulnerabilities
4.4.1 Accidental Exposure
4.4.2 Insider Threats
4.4.3 Ransomware
4.4.4 SQL Injection
4.4.5 Social Engineering Attacks
4.4.6 Data Loss in the Cloud
4.4.7 Data Discovery and Classification
4.5 Data Protection and Privacy
4.5.1 Definition and Importance of Data Protection
4.5.2 Principles of Data Protection and Regulations
4.5.3 Definition and Importance of Data Privacy
4.5.4 Data Protection vs Data Privacy
4.5.5 Data Protection Technologies and Practices
4.5.5.1 Data Discovery
4.5.5.2 Data Loss Prevention (DLP)
4.5.5.3 Storage with Built-in Data Protection
4.5.5.4 Backup and Replication
4.5.5.5 Firewalls
4.5.5.6 Authentication and Authorization
4.5.5.7 Encryption
4.5.5.8 Endpoint Protection
4.5.5.9 Data Erasure
4.5.5.10 Disaster Recovery
4.6 How to Protect Healthcare Data
4.6.1 Educate Healthcare Staff
4.6.2 Restrict Access to Data and Applications
4.6.3 Implement Data Usage Controls
4.6.4 Log and Monitor Use
4.6.5 Encrypt Data at Rest and in Transit
4.6.6 Secure Mobile Devices
4.6.7 Mitigate Connected Device Risks
4.6.8 Conduct Regular Risk Assessments
4.6.9 Backup Data to a Secure, Offsite Location
4.6.10 Carefully Evaluate the Security and Compliance Posture of Business Associates
4.7 Chapter Summary
References
Chapter 5: Personal Security
5.1 Introduction
5.2 Patient Cybersecurity
5.2.1 The Importance of Cybersecurity in Protecting Patient
5.2.2 How Do Cyberattacks Threaten Patient Safety?
5.2.3 How Do Cyberattacks Threaten Patient Privacy?
5.3 Doctors’ Cybersecurity
5.3.1 The Importance of Cybersecurity in Protecting Doctors
5.3.2 How Do Cyberattacks Threaten Doctors’ Safety?
5.3.3 How Do Cyberattacks Threaten Doctors’ Privacy?
5.4 Staff Cybersecurity
5.4.1 The Importance of Cybersecurity in Protecting Staff
5.4.2 How Do Cyberattacks Threaten Staff Safety?
5.4.3 How Do Cyberattacks Threaten Staff Privacy?
5.4.4 System Security for Staff
5.4.5 Security Awareness for Staff
5.4.5.1 Security Awareness Training for Staff
5.4.5.2 Why Is it Important to Educate Staff on Cybersecurity?
5.5 Chapter Summary
References
Chapter 6: Healthcare System and Infra-Security
6.1 Introduction
6.2 Healthcare Software Security
6.2.1 The Importance of Software Security in Healthcare
6.2.2 Healthcare Software Security Frameworks
6.3 Infra-Security in Healthcare
6.3.1 What Is Infra-Security in Healthcare?
6.3.2 How Does Infra-Security Work in the Healthcare System?
6.3.3 How Do Healthcare Systems Benefit from Infra-Security?
6.3.4 Types of Infra-Security in Healthcare
6.3.4.1 Firewalls
6.3.4.2 Email Security
6.3.4.3 Antivirus Software
6.3.4.4 Access Control
6.3.4.5 Data Loss Prevention (DLP)
6.3.4.6 Intrusion Detection and Prevention Systems (IDPS)
6.3.4.7 Mobile Device Security
6.3.4.8 Security Information and Event Management (SIEM)
6.3.4.9 Virtual Private Network (VPN)
6.3.4.10 Web Security
6.3.4.11 Wireless Security
6.4 Apps Security in Healthcare
6.4.1 Healthcare Apps and Data Privacy
6.4.2 Healthcare Apps Vulnerability and Attacks
6.4.3 Cybersecurity Risk of Healthcare Apps
6.5 Chapter Summary
References
Chapter 7: Detection and Prevention of Cyberattacks in Healthcare
7.1 Introduction
7.2 Cyberattack Phases in Healthcare
7.3 Healthcare Facility Insider Threat
7.4 Most Common Cyberattacks in Healthcare
7.4.1 Phishing
7.4.2 Man-in-the-Middle (MitM) Attacks
7.4.3 Attacks to Network Vulnerabilities
7.4.4 Ransomware Attacks
7.4.5 Data Breaches
7.4.6 DoS/DDoS Attacks
7.4.7 Network Attacks
7.4.8 Wireless Attacks
7.4.9 Malware Attacks
7.4.10 Social Engineering Attacks
7.5 Detecting Cyberattacks in Healthcare
7.6 Preventing Cyberattacks in Healthcare
7.6.1 Implementing Security Awareness Training
7.6.2 Data Usage Control
7.6.3 Monitoring of Mobile and Connected Devices
7.6.4 Assessing and Implementing Security Controls
7.6.5 Creating a Cybersecurity Strategy
7.6.6 Developing Cybersecurity Policies
7.6.7 Conducting a Security Risk Assessment
7.6.8 Conducting Employee Phishing Campaigns
7.6.9 Installing Spam Filters and Antimalware Software
7.7 Cyberattacks Response Procedures and Recovery Plans
7.8 Chapter Summary
References
Chapter 8: Cybersecurity Risk Analysis, Assessment, and Mitigation
8.1 Introduction
8.2 Vulnerability and Threat
8.2.1 Definition of Cybersecurity Vulnerability
8.2.2 Types of Cybersecurity Vulnerabilities in Healthcare
8.2.3 Healthcare Cybersecurity Vulnerabilities Assessment
8.3 Risk Analysis
8.3.1 Sources of Risk
8.3.2 Consequences of Risk
8.3.3 Risk Likelihood
8.4 Designing and Implementing a Mitigation Strategy
8.4.1 Types of Risk Response Strategies
8.4.2 Steps of Risk Mitigation
8.4.3 Risk Management and the Cybersecurity Framework
8.5 Backing up and Recovery Plan
8.5.1 What Is Data Backup?
8.5.2 Importance of Data Backup and Recovery in Healthcare
8.5.3 Backup and Data Recovery Strategies
8.5.4 Cloud-Based Data Recovery
8.6 Chapter Summary
References
Chapter 9: Cybersecurity Governance and Ethics
9.1 Introduction
9.2 Data Governance Framework in Healthcare
9.2.1 The Role of Healthcare Data Governance in Big Data Analytics
9.3 Steps to Healthcare Data Governance
9.4 Strategic Alignment
9.5 Privacy and Security in Healthcare
9.5.1 Security Concerns in Healthcare
9.5.2 Privacy Concerns in Healthcare
9.6 Legal, Regulatory, and Compliances
9.7 IT Governance
9.8 Awareness and Adherence
9.9 Chapter Summary
References
Chapter 10: Cybersecurity Challenges, Best Practices, and Future Work in Healthcare
10.1 Cybersecurity Concerns in Digital Healthcare
10.2 Mitigation Methods for Security and Privacy Concerns in Healthcare
10.3 Five Key Cyberattacks and Best Practices in Healthcare
10.4 Challenges of Personal Cybersecurity in Healthcare
10.5 Cybersecurity Best Practices for Healthcare Professionals and IT System Administrators
10.5.1 Healthcare Professionals
10.5.2 IT and System Administrators
10.6 Cybersecurity Future Work in Healthcare
10.7 Chapter Summary
References
Chapter 11: Conclusion