Development of cyber security in healthcare sector improves patient security

Healthcare Cyber Range project started at the Institute of Information Technology at JAMK University of Applied Sciences creates a cyber range for healthcare sector and develops cyber security awareness of the actors in healthcare.

The 1.9-million euro project develops expertise with piloting the cyber security exercise for healthcare sector. The participants of the project are from JAMK the Institute of Information Technology and School of Health and Social Studies, four provincial hospital districts/municipal consortiums, KELA (The Social Insurance Institution of Finland), National Emergency Supply Agency and ICT companies.

The systems in the healthcare sector develop rapidly through digitalisation and eHealth. In the near future, digital data related to health and welfare can be gathered e.g. at home, in nursing institutions or ambulances with medical devices and systems. This data can then be input to the network to be analysed for the needs of healthcare and nursing. The opportunities offered by artificial intelligence and data analysis may be utilised in the analysis.

When processing data related to healthcare, information security and cyber security are in a key position. Healthcare data primarily has high classification level and if information is manipulated or its use is prevented, the impacts in the worst case can lead to loss of human lives.

In digital security, the role of technology is important; however, management of complex environment contains much more than technology. The expertise of persons and organisations as well as operational processes are significant. Tero Kokkonen, the R&D manager at the Institute of Information Technology states that to achieve a sufficient security level, continuous and systematic development of expertise is required.

For development of expertise, cyber security exercises are the key to success. For modelling attacks, malware and threat situations, an exercise environment completely isolated from the Internet and production networks is needed. With cyber security exercises and training activities, the know-how of the actors in healthcare sector can be improved both in the short and long run.

The Institute of Information Technology has developed the cyber security expertise of its staff members of since 2011 and implemented an even in international scale unique cyber security exercise environment RGCE (Realistic Global Cyber Environment). It is an isolated environment that mimics the main structures and services of the Internet as well as information systems of diverse business sectors. In this project, the RGCE is expanded to the framework of healthcare services, and systems and processes of the healthcare sector are modelled in it.
The Healthcare Cyber Range project consists of two 3-year subprojects: an investment project and a parallel development project related to it. The budget is 1.9 million euros, of which the share of the European Regional Development Fund (ERDF) covers 850 000 euros.

Further information:

Tero Kokkonen, R&D Manager, Phone: 050 438 5317
JAMK University of Applied Sciences, Institute of Information TechnologySciences