An overview of cybersecurity in the healthcare sector

Abstract

Cybersecurity has become in last decade one of the most discussed subjects in various domains. Besides the traditional IT area of which one would usually think of when discussing about cybersecurity, it has now evolved and is part of almost all other domains using computer technologies. For example, the nuclear domain takes into account the cyber security subject due to the large number and complex infrastructure of computer systems that are now part of nuclear facilities or physical security systems. The recommendations coming from the international level to include cyber security aspects in the nuclear related legislation can now be seen in practice in many countries. For example, the Regulation of Physical Security for Nuclear includes such recommendations and best practices from the IAEA [1]. However, other evolving domains that heavily rely on computerized systems have not yet fully taken into account the current cyber risks nor included most of these requirements. As for example, the healthcare domain has now a multitude of technologies that are embedded in medical devices for controlling, monitoring the treatment, as well as keeping medical history of patients. Another important aspect of the use of computer technologies is the exchange of medical data such as xray images with specialists from other institutions in order to have a timely diagnosis. Such medical technologies can be seen nowadays not only in developed countries, which means global actions are needed to tackle the cyber risks that come along with such technologies. In this paper, we will discuss over the necessity of actions in order to adjust and update the specific national and international frameworks as a response to the current cybersecurity status in domains that embed computer systems.