Framework for cyber risk loss distribution of hospital infrastructure: Bond percolation on mixed random graphs approach-Reference-Cited by-同舟云学术

Framework for cyber risk loss distribution of hospital infrastructure: Bond percolation on mixed random graphs approach

Published:2023-04-10 Issue:12 Volume:43 Page:2450-2485
ISSN:0272-4332
Container-title:Risk Analysis
language:en
Short-container-title:Risk Analysis

Author:

Chiaradonna Stefano¹,Jevtić Petar¹,Lanchier Nicolas¹

Affiliation:

1. School of Mathematical and Statistical Sciences Arizona State University Tempe Arizona USA

Abstract

AbstractNetworks like those of healthcare infrastructure have been a primary target of cyberattacks for over a decade. From just a single cyberattack, a healthcare facility would expect to see millions of dollars in losses from legal fines, business interruption, and loss of revenue. As more medical devices become interconnected, more cyber vulnerabilities emerge, resulting in more potential exploitation that may disrupt patient care and give rise to catastrophic financial losses. In this paper, we propose a structural model of an aggregate loss distribution across multiple cyberattacks on a prototypical hospital network. Modeled as a mixed random graph, the hospital network consists of various patient‐monitoring devices and medical imaging equipment as random nodes to account for the variable occupancy of patient rooms and availability of imaging equipment that are connected by bidirectional edges to fixed hospital and radiological information systems. Our framework accounts for the documented cyber vulnerabilities of a hospital's trusted internal network of its major medical assets. To our knowledge, there exist no other models of an aggregate loss distribution for cyber risk in this setting. We contextualize the problem in the probabilistic graph‐theoretical framework using a percolation model and combinatorial techniques to compute the mean and variance of the loss distribution for a mixed random network with associated random costs that can be useful for healthcare administrators and cybersecurity professionals to improve cybersecurity management strategies. By characterizing this distribution, we allow for the further utility of pricing cyber risk.

Funder

National Science Foundation

Publisher

Wiley

Subject

Physiology (medical),Safety, Risk, Reliability and Quality

Link

https://onlinelibrary.wiley.com/doi/am-pdf/10.1111/risa.14127

Reference228 articles.

1. Abrams L.(2021).UF Health Florida hospitals back to pen and paper after cyberattack.Bleeping Computer.https://www.bleepingcomputer.com/news/security/uf‐health‐florida‐hospitals‐back‐to‐pen‐and‐paper‐after‐cyberattack/

2. Network security and contagion

3. Acumen Research and Consulting. (2020). Centralized patient‐monitoring system market value anticipated to reach $26b by 2027.https://www.globenewswire.com/news‐release/2020/12/17/2146898/0/en/Centralized‐Patient‐Monitoring‐System‐Market‐Value‐Anticipated‐To‐Reach‐US‐26‐Bn‐By‐2027‐Acumen‐Research‐and‐Consulting.html

4. Agency for Healthcare Research and Quality. (2021). Healthcare Cost and Utilization Project (HCUP) fast stats‐trends in inpatient stays.https://hcup‐us.ahrq.gov/faststats/NationalTrendsServlet?measure1=02&characteristic1=01&time1=10&measure2=&characteristic2=01&time2=10&expansionInfoState=hide&dataTablesState=hide&definitionsState=hide&exportState=hide

5. Alder S.(2021).July 2021 healthcare data breach report.HIPAA Journal.https://www.hipaajournal.com/july-2021-healthcare-data-breach-report/

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Building resilience in cybersecurity: An artificial lab approach;Journal of Risk and Insurance;2023-10-17