Cyberspace and Cybersecurity Foundations

Slide 1

Cyberspace and Cybersecurity Foundations

Do you need an  Original Presentation on “Cyberspace and Cybersecurity Foundations”? We’re here to help.

Slide 2

The Information System of the CHI Health Orthopedics Clinic (Lakeside) is delivered by an outside provider but managed by the hospital’s internal I.T. department. They are responsible for maintaining the hospital’s telecommunications, networks, databases, software, and hardware. The I.T. department manages organizational I.T. policies and other procedures that are related to the Health Information System

Slide 3

The patient record system of the facility consists of workstations. A workstation is a hardware that holds everything a physician needs to perform their functions (Stevenson & Nilsson, 2011). It may be a desktop, a laptop, or a tablet that hosts the hospital’s systems. A desktop is a fixed computer, while a laptop allows movement from one place to another. A tablet is a device that a healthcare provider can walk around with. It has handwriting recognition software that allows users to write on the screen.

Slide 4

Below are the common threats that contribute to the vulnerability of the healthcare system to security breaches.

Staff. In some cases, malicious employees can steal patients’ credit card numbers and use them to commit fraudulent purchases. Some also steal social security and demographic information and use it to commit a variety of crimes. Malware and Phishing. Sophisticated malware can be planted into healthcare information systems to steal login credentials. Unsecured Medical Devices. This exposes the systems to malware attacks and hacking because the facility does not control how healthcare workers use their devices. Improper Disposal of Old Hardware. Hard drives to access healthcare systems may contain credentials and network information even after reformatting. Proper means of disposal must be adopted.

Slide 5

Identity management involves the process of identifying and authenticating system users. It also involves using user rights to restrict the operations that the system users are allowed to perform. Below are some of the procedures that can be adopted to ensure efficient identification management of the Healthcare Information System.

Slide 6

Over 48,000 incidences of data breaches were experienced by CHI Health Orthopedics Clinic in a span of 24 months, as reported on 30^th November 2019.

The incidents were related to hacking and I.T. incidents.

The surfaces of attack included Desktop Computers, Electronic Medical Records, and at the Network Server.

Slide 7

Educating employees involves helping healthcare workers recognize the importance of cyber safety. The employees are taught about their roles in ensuring the safety of patients’ information.

Establishing security policies involves developing specific protocols that guide how the employees handle the healthcare facility’s physical and virtual networks.

Enforcing regular software updates because outdated software becomes an access point exploited by cybercriminals in accessing the system. The facility must, therefore, enforce software updates on the devices that are used by employees in accessing the healthcare system.

Slide 8

Handling a cyber-attack that has been executed involves several procedures including;

Report the breach, whereby if an employee realizes that the system has been attacked, they are expected to report the issue to the technical team for quick solutions. Matters that the facility technical teams cannot handle should be reported to the U.S. Department of Health and Human Services.

Share information: the technical team handling the healthcare system must encourage employees to share information about potential system attacks. Patients should also be educated on how to recognize signs of fraud. They should be encouraged to report suspicious activities, such as unrecognized medical bills, as they could result from cybercrime.

Reexamine the network. If an attacker accessed the system, the technical team should assess the network to determine the weaknesses that allowed such an attack. They are then advised to share the information about the cause of the attack with professionals who can assist in coming up with a solution and counter future attacks.

Slide 9

Understanding the scope of the system by use of technology will make it possible to monitor all the devices connected to the network. Developing new updates from time to time to ensure that the vulnerabilities identified in the earlier versions are dealt with. Implementing a Virtual Private Network Encryption to ensure that hackers cannot view the information in the healthcare system Implement user authentication procedures such as two-step authentication, regular change of passwords, use of strong passwords, and revoking employees who have transferred. Implement restricted access where the user can only view the information essential to their duties.

Slide 10

Other Related Post: Theory of Justice As Fairness

ORDER A PLAGIARISM-FREE PAPER HERE

We’ll write everything from scratch

---

Project instructions

Daily life requires us to have access to a lot of information, and information systems help us access that information. Desktop computers, laptops, and mobile devices keep us connected to the information we need through processes that work via hardware and software components. Information systems infrastructure makes this possible. However, our easy access to communication and information also creates security and privacy risks.

Laws, regulations, policies, and guidelines exist to protect information and information owners. Cybersecurity ensures the confidentiality, integrity, and availability of the information. Identity management is a fundamental practice. Part of identity management is the governance of access, authorization, and authentication of users to information systems, Identity management is one part of a layered security defense strategy within the information systems infrastructure. Your work in this project will enable you to produce a technical report and nontechnical presentation that addresses these requirements. (use any major healthcare record bridge you can from this list to write this paper)

For Project 1, this list of healthcare organizations, which have had breaches may be helpful. Organizations with 1M or more records stolen have a ton of information out there in the public realm.

https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf

1. Nontechnical presentation: This is an 8-10 slide PowerPoint presentation for business executives and board members.
2. Technical report: Your report should be a 6-7 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations.
3. Executive summary: This should be a 2-3 page double-spaced Word document.

• Ensure your figures are properly cited in-text and in the references.  E.g Figure 1. Hospital Organizational Chart (source, year). Even though you are using them as part of your hypothetical organization, you need to cite the original source.  The figures also need to be referenced in your text narration.  E.g.  Figure 1 below describes ….   You can always submit the final version of your paper to the Writing Center and they should be able to check your paper for grammar and APA.  Also, if you include Appendices, you need to tell the reader (in the main body)  to go to the appendix to refer to it.
• Add a section/subheading in your paper (towards the end) that includes a clear list of your findings and recommendations.  Sort them in order of importance based on your understanding.  E.g  Finding 1: It was found that … Recommendation 1: It is recommended that ….   You can include hypothetical findings related to Project 1’s topic (i.e. Identity Management issues).  This is a highly important recommendation for an ‘exceeds expectations’ evaluation.  In industry, your management wants a clear idea (bottom line) of the security issues and recommendations that you (the expert) found. Do not make him/her spend extra time digging them throughout the report. What usually happens is that important observations are missed.  After all, you want to make sure that proper resources are allocated in order to address security issues.