The University of Cyprus and the University of Greenwich, two of the CUREX academic partners, organised and hosted on April 15, 2021 along with PANACEA, ProTego, ASCLEPIOS and SPHINX projects the online workshop "Human-Centric Cyber Hygiene in Healthcare". The focus of the workshop was on Cyber Hygiene, and especially on the human aspects related to raising the cybersecurity and data privacy awareness of the workforce in the healthcare sector. Experts from the contributing H2020 projects presented real-life results and lessons learned from healthcare end-users in the context of their EU-funded research.
Following the keynote presentations of the co-organising projects, a presentation on the Standardisation Activities implemented by CUREX project was delivered.
The workshop concluded with a panel discussion moderated by the coordinator of CUREX, Prof. Christos Xenakis. The panelists elaborated on subjects including the cyber threats landscape during the Covid-19 pandemic, the overall maturity of cyber awareness among healthcare personnel, the issues where ethics and cybersecurity mechanisms need to find common ground as well as the GDPR and NIS Directive and their impact on cybersecurity in Health Sector.
The peak attendance during the workshop reached 76 participants, where 37.50% had academic/research background, 12.50% were healthcare professionals, 15.63% came from the industry, 3.13% were policy makers ande 31.25% had other background.
One of the key takeaway messages that came up during the workshop and especially the panel discussion is that time is the biggest challenge that healthcare organisations face when attempting to address human centric cyber hygiene requirements. That is, it is hard for healthcare professionals to adopt cybersecurity and data privacy best practices and allocate time for awareness raising and training activities to improve their skills, especially during stressful periods like with the ongoing Covid-19 pandemic.
This is in line with what the attendees answered to a poll question before the panel discussion, i.e., 50% think that the biggest challenge for healthcare organisations is the integration with existing policies and procedures, 38% is the willingness of the staff to align with training and awareness recommendations, 44% is the available budget for IT based cyber security controls, and 13% is the available budget for training activities.