Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor
HI-risk: A method to analyse health information risk intelligence
Buchanan, William J; van Deursen, Nicole
Authors
Nicole van Deursen
Abstract
Information security threat intelligence is a prevalent topic amongst researchers, long-established IT-vendors and start-ups. The possibilities of Big Data analytics to security threat and vulnerability scanning offer a significant development in the protection of infrastructures. At the same time, industry research reports continue to state that the main contributing factor in the events leading to a data breach is human error. The common response of information security professionals is to resort to technological solutions to prevent these human errors. However, some very important information security intelligence is not hidden within the network traffic: it's available from the people that work with sensitive information. This article describes the Health Information risk (HI-risk) method to identify non-technical information security risks in healthcare. The method includes risks related to skills, behaviour, processes, organisational culture, physical security, and external influences. HI-risk offers a solution to collect intelligence about non-technical information security incidents from across the healthcare sector to demonstrate past trends and to be ahead of future incidents. A test of a HI-risk forecast proved the feasibility of this approach in healthcare and beyond. It is suggested that HI-risk could become a valuable addition to existing technical threat and vulnerability monitoring tools.
Citation
Buchanan, W. J., & van Deursen, N. (2016, September). HI-risk: A method to analyse health information risk intelligence. Presented at 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom)
| Presentation Conference Type | Conference Paper (published) |
|---|---|
| Conference Name | 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom) |
| Start Date | Sep 14, 2016 |
| End Date | Sep 16, 2016 |
| Acceptance Date | Oct 31, 2016 |
| Online Publication Date | Oct 31, 2016 |
| Publication Date | Nov 21, 2016 |
| Deposit Date | Apr 29, 2017 |
| Publicly Available Date | May 25, 2017 |
| Print ISSN | 2325-6095 |
| Publisher | Institute of Electrical and Electronics Engineers |
| Peer Reviewed | Peer Reviewed |
| Book Title | 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom) |
| ISBN | 9781509033706 |
| DOI | https://doi.org/10.1109/healthcom.2016.7749536 |
| Keywords | risk model; security intelligence; socio-technical information security |
| Public URL | http://researchrepository.napier.ac.uk/Output/835559 |
| Contract Date | May 25, 2017 |
Files
Hi-risk: a method to analyse health information risk intelligence
(333 Kb)
PDF
You might also like
Securing IoT: Mitigating Sybil Flood Attacks with Bloom Filters and Hash Chains
(2024)
Journal Article
Chaotic Quantum Encryption to Secure Image Data in Post Quantum Consumer Technology
(2024)
Journal Article
Detection of Ransomware
(2024)
Patent
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search