Creating guidelines and best practices against phishing and ransomware attacks for healthcare personnel

Abstract

Amidst the digitalization of services across all sectors, it is essential to stay up to date with the protection mechanisms to be able to protect the systems and services against a multitude of cyber-attacks. Cyber-attacks can have even more severer consequences in the domain of healthcare, as in the case of a cyber-attack on healthcare infrastructures and services, the impact is not limited to material aspects, but human lives are also endangered. Among the most prevalent cyber-attacks are phishing and ransomware attacks. During the thesis, existing mitigation approaches against these attacks were explored. The key contributions of this thesis include: (1) identification of existing mechanisms and guidelines against phishing and ransomware attacks from the existing literature by means of a systematic literature review, (2) lists of guidelines and recommendations to protect against phishing and ransomware attacks, and (3) extending the scope of SLR by proposing a methodology for conducting co-design workshop with industry representatives to capturing more state-of-the-art guidelines and best practices.