Walker-Roberts, S., Hammoudeh, M. and Dehghan Tanha, A. orcid.org/0000-0002-9294-7554 (2018) A Systematic Review of the Availability and Efficacy of Countermeasures to Internal Threats in Healthcare Critical Infrastructure. IEEE Access, 20 (1).
Abstract
Insider attacks are becoming increasingly detrimental and frequent, affecting critical infrastructure at a massive scale. Recent attacks such as the UK National Health Service (NHS) WannaCry ransomware attack, which partly depends on internal users for initial infection, highlight the increasing role of malicious insiders in cyber attack campaigns. The objective of this research is to ascertain the existing technological capability to mitigate insider threats within computer security systems by way of a mixed-method systematic review. Evidence was acquired from major sources of mainstream and grey literature by analysing about 300,000 papers. Crude aggregated results were analysed across the literature; the results were TPR 0.75, FPR 0.32, σ 0.24 and 0.36 respectively, σ² 0.06 and 0.13 respectively. In totality, the literature evidence suggests that there is high heterogeneity across crude data, indicating that the effectiveness of security measures varies significantly. No solution is able to totally mitigate an insider threat. Themes, when set against that data, suggest that most, if not all, security measures require breaches to occur before an analysis of malicious activity can prevent it in future through recall. Such a reactive approach is not effective to protect our critical infrastructure, including our healthcare systems. Consequently, there is a major theoretical shortfall in current cyber defence architecture.
Metadata
Item Type: | Article |
---|---|
Authors/Creators: | |
Copyright, Publisher and Additional Information: | This work is licensed under a Creative Commons Attribution 3.0 License. For more information, see http://creativecommons.org/licenses/by/3.0/. |
Keywords: | critical infrastructure security; personal data safety; healthcare, data breach; insider threat; meta-data; sabotage; systematic review; thematic analysis; unprivileged; untrusted; zero trust |
Dates: | |
Institution: | The University of Sheffield |
Academic Units: | The University of Sheffield > Faculty of Engineering (Sheffield) > Department of Computer Science (Sheffield) |
Depositing User: | Symplectic Sheffield |
Date Deposited: | 05 Apr 2018 09:04 |
Last Modified: | 05 Apr 2018 09:04 |
Published Version: | https://doi.org/10.1109/ACCESS.2018.2817560 |
Status: | Published |
Publisher: | Institute of Electrical and Electronics Engineers (IEEE) |
Refereed: | Yes |
Identification Number: | 10.1109/ACCESS.2018.2817560 |
Open Archives Initiative ID (OAI ID): | oai:eprints.whiterose.ac.uk:129171 |