RESUMEN
Recent studies report that cybersecurity breaches noticed in hospitals are associated with low levels of personnel's cybersecurity awareness. This work aims to assess the cybersecurity culture in healthcare institutions from middle- to low-income EU countries. The evaluation process was designed and performed via anonymous online surveys targeting individually ICT (internet and communication technology) departments and healthcare professionals. The study was conducted in 2019 for a health region in Greece, with a significant number of hospitals and health centers, a large hospital in Portugal, and a medical clinic in Romania, with 53.6% and 6.71% response rates for the ICT and healthcare professionals, respectively. Its findings indicate the necessity of establishing individual cybersecurity departments to monitor assets and attitudes while underlying the importance of continuous security awareness training programs. The analysis of our results assists in comprehending the countermeasures, which have been implemented in the healthcare institutions, and consequently enhancing cybersecurity defense, while reducing the risk surface.
RESUMEN
The coronavirus pandemic led to an unprecedented crisis affecting all aspects of the concurrent reality. Its consequences vary from political and societal to technical and economic. These side effects provided fertile ground for a noticeable cyber-crime increase targeting critical infrastructures and, more specifically, the health sector; the domain suffering the most during the pandemic. This paper aims to assess the cybersecurity culture readiness of hospitals' workforce during the COVID-19 crisis. Towards that end, a cybersecurity awareness webinar was held in December 2020 targeting Greek Healthcare Institutions. Concepts of cybersecurity policies, standards, best practices, and solutions were addressed. Its effectiveness was evaluated via a two-step procedure. Firstly, an anonymous questionnaire was distributed at the end of the webinar and voluntarily answered by attendees to assess the comprehension level of the presented cybersecurity aspects. Secondly, a post-evaluation phishing campaign was conducted approximately four months after the webinar, addressing non-medical employees. The main goal was to identify security awareness weaknesses and assist in drafting targeted assessment campaigns specifically tailored to the health domain needs. This paper analyses in detail the results of the aforementioned approaches while also outlining the lessons learned along with the future scientific routes deriving from this research.
RESUMEN
The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Framework provides a rich and actionable repository of adversarial tactics, techniques, and procedures. Its innovative approach has been broadly welcomed by both vendors and enterprise customers in the industry. Its usage extends from adversary emulation, red teaming, behavioral analytics development to a defensive gap and SOC (Security Operations Center) maturity assessment. While extensive research has been done on analyzing specific attacks or specific organizational culture and human behavior factors leading to such attacks, a holistic view on the association of both is currently missing. In this paper, we present our research results on associating a comprehensive set of organizational and individual culture factors (as described on our developed cyber-security culture framework) with security vulnerabilities mapped to specific adversary behavior and patterns utilizing the MITRE ATT&CK framework. Thus, exploiting MITRE ATT&CK's possibilities towards a scientific direction that has not yet been explored: security assessment and defensive design, a step prior to its current application domain. The suggested cyber-security culture framework was originally designed to aim at critical infrastructures and, more specifically, the energy sector. Organizations of these domains exhibit a co-existence and strong interaction of the IT (Information Technology) and OT (Operational Technology) networks. As a result, we emphasize our scientific effort on the hybrid MITRE ATT&CK for Enterprise and ICS (Industrial Control Systems) model as a broader and more holistic approach. The results of our research can be utilized in an extensive set of applications, including the efficient organization of security procedures as well as enhancing security readiness evaluation results by providing more insights into imminent threats and security risks.
RESUMEN
Recent publications on the probable role of heparin-binding protein (HBP) as a biomarker in sepsis prompted us to investigate its diagnostic and prognostic performance in severe COVID-19. HBP and IL-6 were measured by immunoassays at admission and on day 7 in 178 patients with pneumonia by SARS-CoV-2. Patients were classified into non-sepsis and sepsis as per the Sepsis-3 definitions and were followed up for the development of severe respiratory failure (SRF) and for outcome. Results were confirmed by multivariate analyses. HBP was significantly higher in patients classified as having sepsis and was negatively associated with the oxygenation ratio and positively associated with creatinine and lactate. Logistic regression analysis evidenced admission HBP more than 18 ng/ml and IL-6 more than 30 pg/ml as independent risk factors for the development of SRP. Their integration prognosticated SRF with respective sensitivity, specificity, positive predictive value, and negative predictive 59.1%, 96.3%, 83.9%, and 87.8%. Cox regression analysis evidenced admission HBP more than 35 ng/ml and IL-6 more than 30 pg/ml as independent risk factors for 28-day mortality. Their integration prognosticated 28-day mortality with respective sensitivity, specificity, positive predictive value, and negative predictive value 69.2%, 92.7%, 42.9%, and 97.5%. HBP remained unchanged over-time course. A prediction score of the disposition of patients with COVID-19 is proposed taking into consideration admission levels of IL-6 and HBP. Using different cut-offs, the score may predict the likelihood for SRF and for 28-day outcome.
