The CUREX solution will analyse information coming from the monitoring infrastructure to compute cybersecurity and privacy risk scores associated to the data exchange in a Health domain. CUREX has five discrete areas: (i) Asset and Vulnerability Discovery, whose goal is to discover the system’s assets and any information related to their associated vulnerabilities; (ii) Threat Intelligence, aiming at detecting real time abnormal behaviours on users, and devices, as well as anomalies in the data in order to identify new and unknown threats; (iii) Risk Management, aiming at producing risk scores and optimal safeguards towards a cyber strategy of the healthcare organisation; (iv) Trust Enhancing, which will make use of decentralized platform based on blockchain technology to store and share private and sensitive data; and (v) Application and Visualisation, to display the platform dashboard in a synthetized way as depicted in the figure below.
Each area includes one or more of the following tools:
- Asset Discovery Tool (ADT)
- Vulnerability Discovery Manager (VDM)
- Knowledge Extraction and Analytics (KEA)
- Threat Intelligence Engine (TIE)
- Cybersecurity Assessment Tool (CAT)
- Privacy Assessment Tool (PAT)
- Optimal Safeguards Tool (OST)
- Private Blockchain (PrB)
- Health professional Application (HPA)
- Patient Application (PA)
- CUREX Visualization Tool (CVT)
The general workflow of the information within the CUREX toolkit is as follows:
- Assets are discovered by the ADT and the information associated to the services, OS, dependencies, and/or any other valuable information to be used for the risk assessment process;
- Discovered assets are sent to the VDM tool in order to search for vulnerabilities;
- The list of vulnerabilities associated to the assets from the monitored infrastructure is shared with the TIE and KEA for further analysis. Events are processed and correlated, and the outcome of this module is then shared with the risk assessment toolkit;
- CAT and PAT performs the cybersecurity and privacy risk assessment respectively for the events selected by the TIE;
- OST is a risk control and decision support tool that proposes optimal safeguards to be executed based on the risk levels computed by the risk management toolkit components as well as cost-benefit analysis of cyber controls.
- the cybersecurity and privacy risk assessment scores and some metadata information, as well as description of the optimal cyber strategy proposed (i.e., optimal security measures) will be stored in the PrB. This latter will deal with the transactions between stakeholders and services of the CUREX platform and will be in charge of generating smart contracts to the PA and HPA.
- Finally, end-users can perform actions such as policy enforcements, authorisation controls, and transaction validations through their respective applications.