CORDIS - EU research results

A SECURE HEALTHCARE ENVIRONMENT FOR INFORMATICS RESILIENCE

Periodic Reporting for period 2 - HEIR (A SECURE HEALTHCARE ENVIRONMENT FOR INFORMATICS RESILIENCE)

Reporting period: 2022-03-01 to 2023-08-31

The HEIR project developed a platform to protect both the IT infrastructure and the data of medical environments, typically hospitals. For infrastructure protection, the HEIR project developed and experimented with a threat hunting platform that enables detection of software vulnerabilities, misconfigurations and active attacks. The threat hunting platform feeds a graphical user interface (GUI) that displays the “Risk Assessment for Medical Applications” (RAMA) score. The GUI enables an IT administrator to investigate these vulnerabilities according to their severity and to prioritize actions that will address the most severe risks. The RAMA score is also integrated in the HEIR observatory, which enables a regulatory authority to observe the status of the healthcare sector IT and issue directives for major security vulnerabilities. The privacy-aware platform (PAF) enables access to data while complying with privacy regulations. It acts as a gateway to medical data, redacting the information returned in response to queries according to policies and the role of the requester of the data.
During the second period of the HEIR project, we developed the second and final version of our tools: the threat hunting platform, the privacy-aware framework and the observatory. We experimented with these tools in four use cases and presented demonstrations during info days at the four pilot partners. Concerning dissemination, we led several activities towards the healthcare sector, demonstrating that cybersecurity is becoming a critical issue for healthcare. Concerning exploitation, the business model of HEIR revolves around providing a marketplace for security components and privacy-aware solutions. In order to reach out to potential customers, we also developed an online tool. The HEIR Repository encompasses a detailed description of the overall HEIR platform, highlighting the security needs addressed and the unique characteristics and advantages it offers. Additionally, it provides individual descriptions of all the components, outlining the security requirements each component addresses, along with their novel features and advantages.
The progress beyond the state of the art in threat hunting is demonstrated by our capability to integrate tools in a single platform and to provide a mechanism for quantifying the security risk across multiple categories of tools. The question of quantifying cybersecurity is a long-standing one, and our contribution to this topic constitutes a significant demonstration that one can evaluate risk from multiple sources and build meaningful comparisons. The privacy-aware framework experimentation has demonstrated the capability to create new mechanisms for information exchange in the healthcare sector, between hospitals and researchers, and between hospitals and regulatory bodies. The example of diabetes-related information exchange in Norway demonstrates the scientific and social benefits for better managing chronic diseases. More generally, the HEIR project has contributed to raising awareness of cybersecurity issues in healthcare, hopefully reducing the impact of cybersecurity incidents in hospitals by ensuring that medical and administrative staff are aware of the risks.
Official logo of the HEIR project