Challenges of information security incident learning: An industrial case study in a Chinese healthcare organization

  title={Challenges of information security incident learning: An industrial case study in a Chinese healthcare organization},
  author={Ying He and Chris Johnson},
  journal={Informatics for Health and Social Care},
  pages={393 - 408}
  • Ying He, Chris Johnson
  • Published 9 January 2017
  • Computer Science
  • Informatics for Health and Social Care
Security incidents can have negative impacts on healthcare organizations, and the security of medical records has become a primary concern of the public. [] Key Method This paper conducted a case study in a healthcare organization in China to explore their current obstacles in the practice of incident learning. We interviewed both IT professionals and healthcare professionals. The results showed that the organization did not have a structured way to gather and redistribute incident knowledge. Incident…
Security Assurance Modelling of Security Incident in Healthcare using the Generic Security Template (GST)
A case study by adopting the Generic Security Template (GST) to capture and structure the incident information of a data leakage incident in a UK healthcare organization in order to facilitate incident exchange and provides a unified way to communicate incident information.
EARS to cyber incidents in health care
A systematic review of the literature on cybersecurity response plans in healthcare is conducted and a novel framework for response strategies that could be deployed by healthcare organizations is developed.
Healthcare Security Incident Response Strategy - A Proactive Incident Response (IR) Procedure
The proposed IR procedure can be used to counteract WannaCry Ransomware using CTI advisories and has the significance of transforming the way of IR from reactive to proactive using the CTI in healthcare.
Cybersecurity management in healthcare: A systematic review (Preprint)
This study synthesizes the literature related cybersecurity management in healthcare sector with two frameworks; Sosio-technical approach and ISO / IEC 27001 and found several gaps in the previous literature related to the subject were found.
AM Organizational Security Learning from Incident Response
The security-related experiences of Incident Response Teams provide Enterprise Information Security Management with a unique opportunity to draw lessons and insights. However, research has shown that
A Case Study of Phishing Incident Response in an Educational Organization
This case study uses interviews and observations to explore the processes staff at a large University use when handling reports of malicious communication, including how the help desk processes reports, whom they escalate them to, and how teams who manage protections such as the firewalls and mail relays use these reports to improve defenses.
Health Care Cybersecurity Challenges and Solutions Under the Climate of COVID-19: Scoping Review
This scoping review identified the most impactful methods of cyberattacks that targeted the health sector during the COVID-19 pandemic, as well as the challenges in cybersecurity, solutions, and areas in need of improvement.
A Conceptual Redesign of a Modelling Language for Cyber Resiliency of Healthcare Systems
This paper presents an overview of the conceptual model of a cyber resiliency language, and discusses a case study to attest the healthcare context in the approach, by extending the Secure Tropos cybersecurity modelling language to include resiliencies.
Attacking Pathways of Health Information System (HIS)
This study created a simulated virtual environment by implementing an open-source medical system and followed the NIST pen-testing methodology to perform ethical hacking, which was successful and managed to exploit several vulnerabilities of the simulated HIS.
Shared situational awareness in information security incident management
  • K. Padayachee, Elias Worku
  • Computer Science, Business
    2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)
  • 2017
A conceptual model combining the planned and participatory reporting and awareness mechanisms of Shared Situational Awareness in organizations is proposed, towards improving the process of ISIM.


Generic security cases for information system security in healthcare systems
Two generic security cases are presented that embody the recommendations from incidents involving the United States' Veterans' Affairs (VA) administration and Shenzhen Hospital in China to show how lessons learned in one country might inform security management in other healthcare systems.
A case analysis of information systems and security incident responses
An empirical study on the use of the Generic Security Template for structuring the lessons from information security incidents
This paper has shown how a Generic Security Template can be used to structure graphical overviews of specific incidents and shown the template can be instantiated to communicate the findings from an investigation into the US VA data breach.
Organisational Learning and Incident Response: Promoting Effective Learning Through The Incident Response Process
It is proposed that future incident response research must incorporate a learning focus, improve feedback timing on learning activities, facilitate double-loop learning and incorporate an informal learning perspective within both formal, procedural incident response processes as well as unstructured, informal environments.
Analyzing privacy requirements: A case study of healthcare in Saudi Arabia
This article applied the Breaux and Antón approach to the text of the Saudi Arabian healthcare privacy regulations; in Saudi Arabia, privacy is among the top dilemmas for public and private healthcare practitioners and the analysis can assist requirements engineers, standards organizations, compliance officers and stakeholders by ensuring that their systems conform to Saudi policy.
An Evaluation of Information Security from the Users' Perspective in Turkey
The roles and responsibilities of staff and their being educated in HIMS are crucial factors for information security and it is necessary to develop and share information security policies for all staff in such organisations.
Information security incident management: Current practice as reported in the literature
Danger is in the eye of the beholders: Social representations of Information Systems security in healthcare
  • E. Vaast
  • Computer Science
    J. Strateg. Inf. Syst.
  • 2007
On Incident Handling and Response: A state-of-the-art approach