Pricing of cyber insurance premiums using a Markov-based dynamic model with clustering structure.

Cyber insurance is a risk management option to cover financial losses caused by cyberattacks. Researchers have focused their attention on cyber insurance during the last decade. One of the primary issues related to cyber insurance is estimating the premium. The effect of network topology has been heavily explored in the previous three years in cyber risk modeling. However, none of the approaches has assessed the influence of clustering structures. Numerous earlier investigations have indicated that internal links within a cluster reduce transmission speed or efficacy. As a result, the clustering coefficient metric becomes crucial in understanding the effectiveness of viral transmission. We provide a modified Markov-based dynamic model in this paper that incorporates the influence of the clustering structure on calculating cyber insurance premiums. The objective is to create less expensive and less homogenous premiums by combining criteria other than degrees. This research proposes a novel method for calculating premiums that gives a competitive market price. We integrated the epidemic inhibition function into the Markov-based model by considering three functions: quadratic, linear, and exponential. Theoretical and numerical evaluations of regular networks suggested that premiums were more realistic than premiums without clustering. Validation on a real network showed a significant improvement in premiums compared to premiums without the clustering structure component despite some variations. Furthermore, the three functions demonstrated very high correlations between the premium, the total inhibition function of neighbors, and the speed of the inhibition function. Thus, the proposed method can provide application flexibility by adapting to specific company requirements and network configurations.

Healthcare Challenges in the Era of Cybersecurity.

As a result of the extensive integration of technology into the healthcare system, cybersecurity incidents have become an increasing challenge for the healthcare industry. Recent examples include WannaCry, a nontargeted ransomware attack on more than 150 countries worldwide that temporarily crippled parts of the National Health Service in the United Kingdom, and the 2016 ransomware attack on Los Angeles's Hollywood Presbyterian Medical Center. The attacks cost millions of dollars in lost revenue and fines, as well as significant reputational damage. Efforts are needed to devise tools that allow experts to more accurately quantify the actual impact of such events on both individual patients and healthcare systems as a whole. While the United States has robust disaster preparedness and response systems integrated throughout the healthcare and government sectors, the rapidly evolving cybersecurity threat against healthcare entities is outpacing existing countermeasures and challenges in the "all-hazards" disaster preparedness paradigm. Further epidemiologic research of clinical cybersecurity attacks and their effects on patient care and clinical outcomes is necessary to prevent and mitigate future attacks.

Collaborative and secure transmission of medical data applied to mobile healthcare.

PURPOSE: We propose a collaborative and secure transmission scheme in order to safely and efficiently transmit medical data and provide telemedicine services, lighten the load on wireless access networks, and improve the quality of medical treatment such as surgery. METHODS: First, the transmission technology based on opportunistic networks is used to upload patient physiological data and share medical information. Second, we propose a trusted transfer scheme based on the circle of friends, which is constructed with historical encounters and social features of nodes. This scheme takes the forwarding policy of each packet by close friends to effectively prevent the participation of strangers, and avoid privacy issues and deal with selfish behaviors. At the same time, the structure of friend circle is beneficial to the improvement of medical data transmission. Third, we present a lossless compression scheme with less computation and higher compression ratio to reduce the amount of medical data and improve the performance of the transmission. RESULTS: The experimental results show that the proposed scheme is effective and has good transmission performance while ensuring the safety and reliability of media data. CONCLUSION: The mobile healthcare faces some challenges such as the vastness of medical data and sensitivity of patient information. Using opportunistic networks to transmit medical data in mobile healthcare is a good solution, which can effectively divert and offload the data traffic of mobile Internet. The structure of friend circles and the technology of data compression are beneficial to safely and efficiently transmit the patient's physiological parameters and medical health information.

The Policy Effect of the General Data Protection Regulation (GDPR) on the Digital Public Health Sector in the European Union: An Empirical Investigation.

The rapid development of digital health poses a critical challenge to the personal health data protection of patients. The European Union General Data Protection Regulation (EU GDPR) works in this context; it was passed in April 2016 and came into force in May 2018 across the European Union. This study is the first attempt to test the effectiveness of this legal reform for personal health data protection. Using the difference-in-difference (DID) approach, this study empirically examines the policy influence of the GDPR on the financial performance of hospitals across the European Union. Results show that hospitals with the digital health service suffered from financial distress after the GDPR was published in 2016. This reveals that during the transition period (2016⁻2018), hospitals across the European Union indeed made costly adjustments to meet the requirements of personal health data protection introduced by this new regulation, and thus inevitably suffered a policy shock to their financial performance in the short term. The implementation of GDPR may have achieved preliminary success.

A Secure Region-Based Geographic Routing Protocol (SRBGR) for Wireless Sensor Networks.

Due to the lack of dependency for routing initiation and an inadequate allocated sextant on responding messages, the secure geographic routing protocols for Wireless Sensor Networks (WSNs) have attracted considerable attention. However, the existing protocols are more likely to drop packets when legitimate nodes fail to respond to the routing initiation messages while attackers in the allocated sextant manage to respond. Furthermore, these protocols are designed with inefficient collection window and inadequate verification criteria which may lead to a high number of attacker selections. To prevent the failure to find an appropriate relay node and undesirable packet retransmission, this paper presents Secure Region-Based Geographic Routing Protocol (SRBGR) to increase the probability of selecting the appropriate relay node. By extending the allocated sextant and applying different message contention priorities more legitimate nodes can be admitted in the routing process. Moreover, the paper also proposed the bound collection window for a sufficient collection time and verification cost for both attacker identification and isolation. Extensive simulation experiments have been performed to evaluate the performance of the proposed protocol in comparison with other existing protocols. The results demonstrate that SRBGR increases network performance in terms of the packet delivery ratio and isolates attacks such as Sybil and Black hole.

Defense Against Chip Cloning Attacks Based on Fractional Hopfield Neural Networks.

This paper presents a state-of-the-art application of fractional hopfield neural networks (FHNNs) to defend against chip cloning attacks, and provides insight into the reason that the proposed method is superior to physically unclonable functions (PUFs). In the past decade, PUFs have been evolving as one of the best types of hardware security. However, the development of the PUFs has been somewhat limited by its implementation cost, its temperature variation effect, its electromagnetic interference effect, the amount of entropy in it, etc. Therefore, it is imperative to discover, through promising mathematical methods and physical modules, some novel mechanisms to overcome the aforementioned weaknesses of the PUFs. Motivated by this need, in this paper, we propose applying the FHNNs to defend against chip cloning attacks. At first, we implement the arbitrary-order fractor of a FHNN. Secondly, we describe the implementation cost of the FHNNs. Thirdly, we propose the achievement of the constant-order performance of a FHNN when ambient temperature varies. Fourthly, we analyze the electrical performance stability of the FHNNs under electromagnetic disturbance conditions. Fifthly, we study the amount of entropy of the FHNNs. Lastly, we perform experiments to analyze the pass-band width of the fractor of an arbitrary-order FHNN and the defense against chip cloning attacks capability of the FHNNs. In particular, the capabilities of defense against chip cloning attacks, anti-electromagnetic interference, and anti-temperature variation of a FHNN are illustrated experimentally in detail. Some significant advantages of the FHNNs are that their implementation cost is considerably lower than that of the PUFs, their electrical performance is much more stable than that of the PUFs under different temperature conditions, their electrical performance stability of the FHNNs under electromagnetic disturbance conditions is much more robust than that of the PUFs, and their amount of entropy is significantly higher than that of the PUFs with the same rank circuit scale.

The cost of IT security.

Breaches in data security have become commonplace in health care, making IT security a necessary cost for healthcare organizations. Organizations that do not invest proactively in IT security face a significant risk of incurring much greater costs from incidents involving compromised data security. Direct costs of security breaches include the costs of discovery, response, investigation, and notification and also can include state or federal penalties and costs of compliance with corrective action plans and resolution agreements. Hidden costs can include damage to brand, loss of consumer confidence, reduced HCAHPS scores, and--by extension--reduced value-based purchasing payments.