SECANT: a holistic framework for cybersecurity risk assessment addressing both human and technical risk factors in healthcare ecosystem

SECANT (SECurity And privacy protectioN in Internet of Things devices) is an EU-H2020 project aimed to strengthen the understanding of risks, at both human and technical level through the delivery of a holistic framework for cyber security risk assessment for enhancing the digital security, privacy, and personal data protection in complex ICT infrastructures, such in the healthcare ecosystem. It gathers a Consortium of 19 partners from 9 countries including large ICT industries, SMEs, research institutes, health-care organizations and 1 EU CERT. SECANT delivers a holistic framework for cybersecurity risk assessment, addressed to CERTs/CSIRTs that is capable of identifying threats and attacks. The proposed solution’s effectiveness and versatility of SECANT has been validated in four realistic pilot use case scenarios applied in the healthcare ecosystem: 1) Protecting the connected ambulance of the future, 2) Cyber security for connected medical devices and mobile applications, 3) Health data protection in the healthcare supply chain, and 4) Cyber Security Training. Through these pillars, SECANT provides both its direct end-users (healthcare professionals such as doctors, nurses, admin staff in the hospital, ambulance and laboratories, medical authorities) and ICT and Security stakeholders improved cybersecurity readiness , increased privacy and data protection across the entire industrial chain and reduced costs for managing risks and adopting digital security solutions as well as for security training. In turn, it enables to make informed and context-aware decisions regarding cybersecurity, privacy and data protection risks. SECANT’s added value in a glance: – SECANT offers scalability, secure reporting functionalities and protects clinical information. – Patients have a complete ownership of their data. – Patients and healthcare professionals enjoy data integrity. – Stakeholders benefit from data confidentiality. – Healthcare organisations gain competitive advantages by reducing their overhead. – SECANT increases the effectiveness of cyber security training. – SECANT offers an intuitive and comprehensive acquisition of new knowledge. – SECANT is an affordable cyber security training solution.