“Security Challenges for the Critical Infrastructures of the Healthcare Sector” Chapter

Healthcare organisations are an easy target for cybercrime due to their critical and vulnerable infrastructure. Increasing digitalisation has led to the emergence of several security challenges. It is crucial to identify these critical challenges, not only from a technical point of view but also from a legal and management perspective. Recognition of the threats that may arise is also important to be able to fight cybercrime. Not just physical and/or cyber threats are relevant but also the combination of both. It is important to understand how they can impact and destabilise health services, and how they are being used by attackers to achieve their aims. This chapter provides a brief introduction to the critical challenges in the healthcare sector, and a list of recent security incidents. Five main groups of threats and a critical assets categorisation are also presented. Finally, the EBIOS methodology is introduced and used to describe two relevant cyber-physical scenarios of threat.

Security Challenges for the Critical Infrastructures of the Healthcare Sector