Health Data Modelling
Ontologies have been widely used to represent knowledge in very different domains. In the biomedical field, a major effort has been made in recent years to create ad-hoc vocabularies and taxonomies that represent every kind of biomedical information, and in the medical domain several works cover the huge amount of diverse information that needs to be represented. The aims of the ontologies created in the biomedical domain include filling the interoperability gaps between information systems, providing common ways of representing knowledge, and supporting many other tasks, such as decision support systems. Examples range from OBO-Foundry terminologies for biomedical information to more clinically oriented vocabularies; well-known vocabularies currently used in the biomedical domain that have ontology-based versions include, for example, SNOMED-CT, MeSH and ICD, among others. In terms of security, several efforts have been made to create ontology-based elements, and ontologies have been widely used to represent information about information systems and knowledge in the security domain.
Data Analytics and Knowledge Extraction
Data analytics is among the core fields of data science and data mining, and its benefits are widely acknowledged in multiple domains and sectors. Since the healthcare industry has historically generated large amounts of data, the nascent field of healthcare data analytics offers opportunities for novel research approaches, but it also raises complex problems because health data has multiple entities and origins (patients, devices, drug evidence, centres, etc.). Typically, the techniques for healthcare data analytics fall into the following main categories: statistical analysis, classification, clustering, association rule mining and outlier detection, with emphasis on predictive and stochastic modelling to lower loss of information and produce a leaner, faster, more targeted R&D pipeline over multiple healthcare data threads. Despite impressive advances, several challenges remain, especially regarding the choice and adaptation of the most suitable approach to each healthcare scenario, the need to accommodate several data types, and the need to perform efficient anomaly detection (possibly linked also to causal explanations of outlier frequency).
CUREX will advance the current state-of-the-art by delivering the Threat Intelligence Engine which will incorporate:
- Novel machine learning and prescriptive analytics models developed in-house (and tailored for healthcare applications) to recognise threat-related patterns and anomalies. Such models are built on a solid approach comprising: data preparation, feature engineering and selection, exploratory data analysis, data visualisation, machine learning, model evaluation and optimisation, and finally implementation at scale in the demonstrators.
- Scalable threat intelligence that effectively manipulates and analyses network and security data in real time, ultimately unveiling valuable threat-related insights to detect, contain and mitigate advanced persistent threats and fight malicious cyber activities.
Risk Assessment and Vulnerability Assessment
CUREX will deliver a solid vulnerability analysis solution that combines, in a holistic way, a wide variety of tools, mechanisms and techniques to cover the operational needs of hospitals and care centres with respect to the exchange of sensitive healthcare data. CUREX will develop and demonstrate the following innovations:
- Automated assessment and analysis process that will run periodically to reveal new and hidden vulnerabilities with possibly cascading effects. This process will also be invoked in case a cybersecurity or privacy infringement incident occurs.
- Compilation and representation of information from diverse sources including human resources information, business processes, PII, and GDPR policies in a unique and simple way for empowering threat intelligence.
- Assignment of criticality scores to various system components using novel strategies for fusing different parameters including the importance to system operation, the exposure to threats and the risk levels.
- Dynamic recommendation of remediation solutions or strategies for addressing unexpected and newly discovered vulnerabilities.
- Intelligence dissemination mechanism for sharing the discovered vulnerabilities and the proposed countermeasures with other hospitals or healthcare providers.
CUREX will build on top of existing upper models and will propose a holistic approach to risk management tailored to healthcare-related data, applications and platforms. To this end, a complete assessment methodology, complemented by a supportive tool that supports the discrete steps of the methodology, will be developed.
The cybersecurity and privacy assessment methodology and the tool will pave the way for a new domain of risk assessment in healthcare organisations. Moreover, CUREX will combine the output of the risk assessment with reactive proposition of safeguards based on decision support models.
Decision Support for Proposing Optimal Safeguards
Existing approaches try to identify which safeguards should be selected for implementation within a budget that was determined in advance. Most approaches apply management tools and financial analysis based on measures like annual loss expectancy, return on investment, internal rate of return and net present value. Other approaches use real options analysis, where the dynamic aspects of investments are considered and the flexibility of decision making is utilised. All existing approaches require extensive input data (threat probabilities, incident costs, countermeasure costs, countermeasure success probabilities, etc.), which makes them very hard to apply in practice: they either use a small set of generic data or require the decision maker to collect most of the data before the optimisation can be conducted.
Innovative CUREX research activities will lead to the development of the OST specifically designed for the healthcare sector. Direct costs of safeguards will mainly include monetary parameters, while indirect costs refer to usability, moral consequences, and cybersecurity and privacy awareness. To the best of our knowledge, there are no specialised OSTs for the healthcare industry; thus, CUREX will derive novel research results to close this gap.
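To make the budget-constrained selection described above concrete, here is an added example (not CUREX code or anything from the page) that computes annual loss expectancy from single loss expectancy and annualised rate of occurrence, then picks the safeguard subset with the highest net benefit within a fixed budget. The threat figures, safeguard costs and stop probabilities are constructed, and the assumption that safeguards act independently is mine.

```python
from dataclasses import dataclass
from itertools import combinations


@dataclass
class Threat:
    name: str
    sle: float  # single loss expectancy: cost of one incident
    aro: float  # annualised rate of occurrence


@dataclass
class Safeguard:
    name: str
    cost: float  # annualised cost of running the safeguard
    stops: dict  # threat name -> probability it stops an incident (assumed)


def ale(threat, safeguards=()):
    """Annual loss expectancy, optionally after applying safeguards.
    Assumes safeguards are independent, so the residual ARO is the product
    of each safeguard's failure probability for that threat."""
    residual_aro = threat.aro
    for sg in safeguards:
        residual_aro *= 1.0 - sg.stops.get(threat.name, 0.0)
    return threat.sle * residual_aro


def net_benefit(threats, safeguards):
    """Loss avoided by the safeguards minus what they cost."""
    avoided = sum(ale(t) - ale(t, safeguards) for t in threats)
    return avoided - sum(sg.cost for sg in safeguards)


def select_safeguards(threats, safeguards, budget):
    """Exhaustively pick the subset within budget with the highest net benefit.
    Fine for a handful of candidates; larger sets need a knapsack solver."""
    best, best_value = (), 0.0
    for k in range(1, len(safeguards) + 1):
        for combo in combinations(safeguards, k):
            if sum(sg.cost for sg in combo) > budget:
                continue
            value = net_benefit(threats, combo)
            if value > best_value:
                best, best_value = combo, value
    return [sg.name for sg in best], best_value


# Constructed sample figures (illustrative only, not real hospital data).
THREATS = [Threat("ransomware", sle=200_000, aro=0.3),
           Threat("phishing breach", sle=50_000, aro=1.0)]
SAFEGUARDS = [Safeguard("offline backups", 15_000, {"ransomware": 0.7}),
              Safeguard("awareness training", 8_000, {"ransomware": 0.3, "phishing breach": 0.4}),
              Safeguard("mfa", 12_000, {"phishing breach": 0.6})]

if __name__ == "__main__":
    print(select_safeguards(THREADS if False else THREATS, SAFEGUARDS, budget=25_000))
```

With the constructed figures, backups plus training (23,000 within a 25,000 budget) beats any single safeguard because the two reductions on the ransomware ARO compound.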
The ambition of CUREX is to promote human-centric cyber hygiene through cybersecurity and privacy awareness and training activities, so that the employees in a healthcare organisation become capable of acting as ‘live sensors’ for identifying potential vulnerabilities and detecting possible threats, and as first-tier emergency responders for reporting unusual events or suspicious behaviours (e.g. an insider threat by co-workers) and subsequently following the recommended procedures for mitigating a cybersecurity and privacy incident. To this end, CUREX will follow an innovative methodology for compiling proper and tailored training material in a structured way that is based on the following pillars:
- Evaluation of existing awareness processes and training material within the organisation in order to empower cybersecurity and privacy practices.
- In-depth examination and documentation of existing techniques for representing regular security behaviours that are expected by healthcare employees.
- Monitoring and identification of routine activities that are sensitive to cybersecurity and privacy risks, may create new vulnerabilities, or may trigger unexpected cyberattacks, classifying these activities as organisation-specific or organisation-agnostic, since awareness is increased for vulnerabilities and threats that are shared among different healthcare organisations.
- Identification of appropriate delivery channels to communicate the training material in a targeted way to each employee group, creating the highest impact through the adoption of good cybersecurity and privacy practices.
The CUREX innovation is based on the development of a cutting-edge platform to assess cybersecurity and privacy risks in the treatment of different data types in a flexible manner, according to their data security classification. The CUREX PrB will act as a Decentralized Risk Assessment and Policies Enforcement System. The CUREX consortium will base its work on the well-known MyHealthMyData (MHMD) project and will use its blockchain-enabled platform, which will control the actual data exchange. This system is responsible for managing the data life cycle and enforcing the data treatment policy, tailored according to the legal restrictions, the owner's business rules and the CUREX risk score. In this context, CUREX will use MHMD as a data access platform to enforce GDPR guidelines and to record the involved risks. This cutting-edge decentralised system will run on a permissioned blockchain technology and will utilise Smart Contracts to enforce GDPR and to record the risk assessment reports. We envisage that CUREX will impact the European market by developing one of the first blockchain platforms for risk assessment within healthcare under the GDPR.