Cybersecurity Capstone week 3
docx
keyboard_arrow_up
School
Wilmington University *
*We aren’t endorsed by this school
Course
8100
Subject
Information Systems
Date
Feb 20, 2024
Type
docx
Pages
10
Uploaded by MajorMouseMaster353
Combined Statement of Problem & Framework/Overview Thesis
Mercedes Baskerville
College of Technology, Wilmington University
CYB 8100: Cybersecurity Capstone
Cody Dostal
1.30.2024
IoT Security in Healthcare
In order to understand the problems and issues surrounding IoT Security in Health Care, you have to first know what IoT consists of. IoT is short for Internet of Things which refers to the network of connected devices that communicates between other devices and the cloud. IoT devices are planted with the technology such as sensors, software and other technology to be able
to connect them together. The IoT means taking all the things in the world and connecting them to the internet. This could include machines, vehicles, devices, wearable technology, medical devices and more. The Internet of Things is used in the healthcare industry in several ways. Instead of it being called IoT, it is referred to as IoMT (Internet of Medical Things). IoT in healthcare is used for patient care such as sensors, data transmitters, monitoring patient’s charts, medical treatments
and collecting data. There are many of examples of devices that are being used in the healthcare industry like heart rate sensors, smart pumps and devices but also software and hardware that monitors the infrastructure (Shpachuk, 2023). IoT security in Healthcare deserves a closer look because there are a lot of risk involved in healthcare. The risks of IoT in healthcare fall under three categories: Patient safety, Information technology risks and difficulties with IoT devices. Hackers can compromise IoT Security in Healthcare by gaining access to data, malware infections and other threats. Threats will continue to occur where technology exists and in healthcare, there are poor security controls.
In the next paragraph, we will discuss the risk in healthcare.
Issues with IoT in Healthcare
One risk is the Disclosure of Personal Health Information within the healthcare system. Electronic medical records should be shared with primary caregivers only, but it can sometimes
be viewed and changed without the patients consent. HIPAA which is the Health Insurance Portability and Accountability Act, covers health care providers, health plans and patients. It protects patient’s health information from being released without the patients consent or knowledge (PrivacyRights, 2014). Being viewed by someone who should not have access to that sensitive information is an issue within the healthcare system.
Privacy violations is another issue with IoT in Healthcare. Sensitive information such as social security numbers, credit cards, insurance information and personal information are treasured by cyberhackers. When there are vulnerabilities in a system, cybercriminals can access the systems and gain information through it (Gillis, 2023). Once they gain the information, they can modify and misuse it to their liking. This data can contain addresses, names, credit cards, social security numbers, test results, medications and more. This data is confidential and should not be viewed or sold. IoT has a lot of issues to resolve within the healthcare system. Privacy could be compromised and revealed to unauthorized users which is a HIPAA violation. IoT in Healthcare deals with a lot of issues that patients do not know about but one of the major risks is Medjacking. This term stands for hijacking medical devices which is a security issue in IoT healthcare. This is a fairly new threat to the health care system, but it involves hacking into medical equipment using software on the devices (DiGiacomo, 2017). Devices such
as life support and diagnostic equipment uses older operating systems, finding tools to hack into these devices will be the biggest challenge. It is the biggest challenge because most tools don’t go well with older devices. Hackers use malicious emails to gain access to vulnerable medical devices and once one device is hacked in a healthcare system, an entire network is vulnerable (DiGiacomo, 2017). Taking control over the equipment is just one piece of the puzzle. Once connected, hackers will compromise IoT security which allows them to infect them with
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
malware to harm patients, control other devices and also gain access to sensitive data to name a few (Shpachuk, 2023). Medical companies use their equipment until they are completely gone which is called Legacy equipment. Legacy devices are named that because they are outdated and obsolete. This equipment which costs millions of dollars creates security risks for IoT in healthcare. Healthcare organizations need to be aware of the devices that can cause risks in the IoT. There are a couple of medical devices that can cause IoT vulnerabilities in a healthcare system. An IV pump, Ultrasound and Medicine dispenser to name a few are the most significant devices that bring in vulnerabilities to the organization (Makieiev, 2023). One challenge faced by legacy equipment is
the ability to exchange data or use the information stored between different systems. This affects the efficiency of healthcare systems and patient care. Companies that keep outdated systems are more open to serious security risk. Legacy systems lack support from vendors and lack employee
knowledge which is why legacy technology is the third biggest risk in healthcare organizations (Glynn, 2023). Healthcare is an important part of everyone’s life whether you want to admit it or not. Security breaches happen through negligence or on accident, but they still happen. When a company falls victim to a cyberattack, they hold the staff, providers and devices accountable because no one took the time to pay attention to the security risks. This is an issue because information, medical needs and lives are in danger due to these attacks. There are many of approaches you can take to prevent these risks in the healthcare industry. I will propose this by telling you what needs to change within the IoT Security in Healthcare. Ensuring network security is the main practice that needs to be looked at. Companies can avoid breaches in security
by protecting the network from these attacks. Security of IoT medical devices also need to be
centralized into one network which could help manage those devices separately. Protecting IoT devices against cybercriminal, malware and other malicious contents should be the number one priority and it is not. Framework and Overview
In this paper I will explain how the layout of my thesis will be. There are three major layouts that can be used to write my paper. In order to understand those three styles, we will first look at what Framework and Overview is first. A framework reviews theory relevant to scholarly
literature and theories used for a specific study (Vinz, 2022). You use theories that already exists to support the research you did and also showing that your topic is already established. The three styles are quantitative, qualitative and mixed methods layout that I can use to write my thesis. In order to choose, I need to know which one best suit my topic and define them. Quantitative, Qualitative and Mixed Method Research Layouts
Quantitative
Research is the method of gathering and examining numerical data which can be used to find patterns, predictions and generalize results to a wider audience. According to Bhandari (2020), quantitative methods is used in natural and social science such as biology, economics, and chemistry to name a few. There are three quantitative research methods which are descriptive, correlational and experimental methods. Qualitative
research gathers and examines non-numerical data such as text or video to collect concepts and opinions as well as experiences of different people. This method could also be used to create new research ideas and delve deep into a problem. The qualitative method is used in social sciences and humanities such
as education, history, health science and etc (Bhandari, 2020). This method is used to understand
how people view the world and the different experiences they have.
Mixed
Method research is both quantitative and qualitative research put together to answer the research question in the paper. Since mixed method has both of the methods in one paper, it will help you answer the question better than just having one method. Mixed method is usually used in health, behavioral and societal research (George, 2021). Mixed methods allow you to carefully examine the relationship between qualitative and quantitative research and determine how you will use both types of data together. Research Method
When defining the three major layouts, I decided that Mixed Method is the best research layout for my thesis on Issues with Internet of Things in Healthcare. I strongly consider that having a mixture of the research methods would help me gain a clearer and complete understanding of the topic. Having different methods will allow me to collect and analyze data on the same research using different methods (George, 2021). There are different types of mixed methods research layouts that are based on time of collection, what the research is, and the significance of the data being found. The advantages of mixed method research are the benefit that you get from both types of research methods quantitative and qualitative because what one lacks, the other could pick up. This method is also more flexible when creating your layout for the research which allows you to
use different types of research for your paper such as case studies or theory testing. The disadvantages of mixed methods are the workload which can be very rigorous. Collecting data and examining two different types can take a lot of time and energy (George, 2021). When gathering data, using quantitative and qualitative may not always correspond with each other which can make it difficult to move on. It could also be challenging to match the results which can put your data at risk. While designing my mixed method study layout, I will keep in mind
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
my research method, the data that is available, the data I will collect myself and also my research
questions that will be asked and answered. I believe that I will use the embedded design for my research which will allow me to collect the data at the same time but on is bigger and one is smaller than the other. I could use the quantitative as my main data collected or I can use qualitative as my main collector. Case Study
As part of my research paper, I planned on using different Case Studies in my paper from
different companies. A case study is a detailed analysis on a specific case which can involve people, organizations or places. Case studies are usually used in educational, clinical or business research. I learned that case studies are made up of qualitative methods, but sometimes quantitative methods could also be used (McCombes, 2019). I want to use case studies in my research paper because it is great for describing, evaluating and understanding the part of a problem. From me brainstorming right now, I came up with a case study called “Case studies of issues the Internet of Things has cause in Healthcare”. This is a good case study because it allows new insights and will allow future research to happen with new theories. The first step in a case study is to develop your statement of problem like I did earlier in the paragraph. The second step is to create a framework that focuses on the connection between the details. A literature review should also be conducted in order to have a rock-solid academic background. The third step is to explore different research methods to collect data on my topic of
Issues of IoT in Healthcare. I will also focus on qualitative data such as official records, newspapers or observations. This will be done to understand the case entirely and collect the correct data. The fourth step is to analyze the case study which means bringing it all together. Reporting the findings and writing the case study will help analyze the case study. For my case
study, I will use documents such as reports, memos, and letters that are related to my case study. I will also use artifact such as tools, equipment’s and different products to have a clear understanding of my case study. In the healthcare field, case studies are used to examine patient care, treatments and aftermaths (Hassan, 2024). Case studies will be useful to develop effective treatment plans, critical skills for procedures and conditions patients are going through.
References
Bhandari, P. (2020, June 12). What is Quantitative Research? Definition, Uses & Methods. Retrieved from https://www.scribbr.com/methodology/quantitative-research/
Bhandari, P. (2020, June 19). What is Qualitative Research? Methods & Examples. Retrieved from https://www.scribbr.com/methodology/qualitative-research/
DiGiacomo, J. (2017, January 10). Medjacking is a Real Threat to Health Care Systems. Retrieved from https://revisionlegal.com/internet-law/data-breach/medjacking/
George, T. (2021, August 13). Mixed Methods Research Definition, Guide & Examples. Retrieved from https://www.scribbr.com/methodology/mixed-methods-research/
Glynn, Patrick. (2023, June 30). What are Legacy Systems in Healthcare? (How to manage them). Retrieved from https://insightglobal.com/blog/legacy-systems-in-healthcare/
Gillis, A. (2023, August). Internet of Things (IoT). Retrieved from https://www.techtarget.com/iotagenda/definition/Internet-of-Things-IoT
Hassan, M. (2024, January 6). Case Study- Methods, Examples and Guide. Retrieved from https://researchmethod.net/case-study-research/
Makieiev, E. (2023). Legacy Systems in Healthcare: Main Steps & Challenges. Retrieved
from https://integrio.net/blog/legacy-systems-in-healthcare-main-steps-and-
challenges#:~:text=6%20Challenges%20of%20Legacy%20Systems%20in%20Healthcare
%201,Patient%20Engagement%20...%206%206.%20Data%20Silos%20
McCombes, S. (2019, May 8). What is a Case Study? Definition, Examples & Methods. Retrieved from https://www.scribbr.com/methodology/case-study/
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
PrivacyRights (2014, July 1). The HIPPA Privacy Rule: How may covered entities use and disclose health information. Retrieved from https://privacyrights.org/consumer-guides/hipaa-
privacy-rule-how-may-covered-entities-use-and-disclose-health-information
Shpachuk, A. (2023, April 14). Healthcare IoT Security: Risks, Issues, Best Practices and
Our Advice. Retrieved from https://empeek.com/insights/healthcare-iot-security-risks-issues-
best-practices-and-our-advice/#post-nav-1
Vinz, S. (2022, October 14). What is a Theoretical Framework? Guide to Organizing. Retrieved from https://www.scribbr.com/dissertation/theoretical-framework/