71. Resilience Optimization of a Network of Hospitals Against Cyberattacks
Invited abstract in session TC-3: Optimisation, stream Sessions.
Tuesday, 13:30-15:00Room: NTNU, Realfagbygget R9
Authors (first author is the speaker)
| 1. | Stephan Helfrich
|
Abstract
Over the past decade, hospitals have increasingly become prime targets for cyberattacks. These attacks can lead not only to the theft of sensitive patient data and financial losses but also to significant disruptions in hospital operations. Particularly, as seen during the WannaCry attack in the UK, multiple hospitals can be affected simultaneously due to shared IT infrastructure and virus spread. Even non-affected hospitals face increasing demands due to forced patient transfers from (partially) shut-down hospitals nearby. Consequently, a whole-hospital-network approach to assess and improve the resilience of hospitals against cyberattacks is of major importance.
We introduce a defender-attacker-defender optimization model designed to evaluate and optimize intra-hospital and inter-hospital preparation and respond strategies to withstand the negative impact of cyberattacks. Particularly, our model integrates the interdependency between the network of hospitals and their patient flow and attack scenarios on the hospitals' IT infrastructure based on attack graphs. This approach allows us to capture the criticality of vulnerabilities in the IT infrastructure and to evaluate both the negative impacts of cyberattacks and the positive effects of countermeasures on hospital operations. Finally, we discuss the application of our model to the hospital landscape of Baden-Württemberg, Germany.
Keywords
- Disaster management
- Strategic and operational planning
- Decision support
Status: accepted
Back to the list of papers