IIM Lucknow Develops Model To Evaluate And Mitigate Cybersecurity Risk
IIML team is investigating weaknesses in healthcare data security, suggesting that staff lacks the training to counter phishing tactics and inadequate IT governance and security technology implementation increases the likelihood of cyber threats
Indian Institute of Management (IIM) Lucknow has developed a model to assess and mitigate cybersecurity risk in the healthcare sector that hackers can exploit.
The created model to protect healthcare systems globally from cyber threats evaluates the probability and impact of cyberattacks and it can help Chief Information Officers (CIOs) identify upcoming risks and suggest mitigation strategies, antiviral programs, firewalls, staff development, vulnerability assessments and cyber insurance choices.
The Covid-19 pandemic has increased the vulnerability of healthcare organisations. Digital health records contain personal information. IIML team is investigating weaknesses in healthcare data security, suggesting that staff lacks the training to counter phishing tactics and inadequate IT governance and security technology implementation increases the likelihood of cyber threats.
“The study uses risk assessment and quantification models to group 1788 US healthcare firms into a 'heat matrix', revealing their readiness to tackle cyber threats. The model, which can be extended to the Indian healthcare sector, assists CIOs in determining vulnerability, uses Collective Risk Modelling to assess potential severity and offers recommendations for mitigating and preventing cyberattacks," Mukhopadhyay, Professor said.
The standards outlined by the National Institute of Standards and Technology include prioritising cybersecurity measures such as firewalls, and antivirus solutions, and practical cyberattack safeguards for healthcare firms. Recommendations include data backup, staff anti-phishing training, senior management engagement, advocating cybersecurity laws, Endpoint Detection and Response, Extended Detection and Response, Next Generation Firewall, Antivirus, Security Incident and Event Management and Security Orchestration, Automation & Response. Regular Vulnerability Assessment and Penetration Testing and threat intelligence integration boost proactive threat response.
Around The World