Cybersecurity by Design

17

September

2022

5/5 (2)

We are living in a continuously digitising world where increasingly more aspects of our life are governed by IT processes. The rapid adoption of IT means that cybersecurity incidents are on the rise (ENISA, 2022). Governments and organisations alike are investing in efforts to raise cybersecurity awareness. For example, people are being trained to treat emails carefully, especially if they contain a link or file. This increased cybersecurity awareness is expected to reduce the risk of cyber incidents happening. However, research calls the effectiveness of these awareness strategies into question. Studies show that long-term changes in the digital behaviour of individuals as a result of these awareness campaigns are little (Bada, et al. 2019). Given that awareness does not prevent the users of IT systems from compromising cybersecurity, another approach is required.

The cybersecurity by design (CSD) model changes the assumption from which the awareness model is operating. Instead of assuming that awareness will prevent people from making mistakes, the CSD model assumes that individuals will make mistakes, nevertheless. The question for software developers then becomes: how can I develop my software such that the risk of compromised cybersecurity is mitigated even if careless users utilise it? Major software companies like Microsoft and Google have already designed their software with this question in mind. In Outlook, emails from unverified senders are displayed in a protected mode where links, images, and files are disabled. This prevents users from mindlessly downloading a file or link, both of which could be potentially harmful. Naturally, the user has the option to mark the sender as verified thereby enabling the content. Another implementation of the CSD model can be found in Google Chrome. Google maintains a list of websites that might put users at risk for malware or phishing. So, when users try to navigate to a potentially harmful website, a warning message is displayed, and they are prevented from entering. Here too, users have the option of navigating to the website despite this warning.

Both examples show how software developers can aid their users in navigating the digital world more safely. The CSD model thereby shows great promise for making the digital world a safer place. However, it cannot do so all by itself. Despite the criticism that the awareness model has faced I am convinced that it can work well together with the CSD model. Being made aware of risks can always have added value, especially in a CSD proof environment. A CSD proof environment can shield users from potentially dangerous content, but it is up to the users themselves to make the final risk assessment. To be able to do so, awareness campaigns can be of help. Ultimately, it is a right balance of CSD proof software and user awareness that will add up to safe navigation of the digital world.  

Sources:

Bada, et al., 2019, ‘Cyber Security Awareness Campaigns: Why do they fail to change       behaviour?’, International Conference on Cyber Security for Sustainable Society,             accessed 10th of September 2022, https://arxiv.org/abs/1901.02672

ENISA, 2021, ‘ENISA Threat Landscape 2021’, accessed 10th of September 2022,             https://www.enisa.europa.eu/publications/enisa-threat-landscape-2021

Please rate this

E-health: hype or revolution?

7

October

2016

5/5 (1) In a couple years healthcare will change revolutionary. Big hospitals will disappear. At least, that is what the Dutch minister Edith Schippers and State Secretary Martin van Rijn claim. Apart from new medical complaints like ‘tablet-neck’, ‘iPad-wrist’, ‘WhatsApp-thumb’ and ‘selfie-elbow’, there is another development going on which is called e-health. E-health is explained as the use of technology to support or improve health and healthcare. As a consequence of e-health, patients will be able to control their health and there are more advantages.

 

Advantages

First of all, healthcare will be closer to patients as e-health provides solutions like an online patient portal where they can make appointments, see their research results and medical and medication information. They can also e-mail questions to their doctor or nurse. Secondly, e-health will reduce costs. This is as a result of the first advantage. Because of the quicker access to your medical information and easier contact with doctors, it will save a lot of time and visits to the hospital. Thirdly, it will be easier for patients to monitor their health themselves and therefore be more independent.

 

Drawbacks

E- health will stimulate the use of smartphones and other electronic devices, whereas this causes medical complaints as mentioned in the introduction. For this reason, it might be better to put smartphones away more often and just enjoy the ‘real’ world. Secondly, only 16% of the patients are using these new possibility of requesting their medicines online and solely 3% asks questions online according to the e-health Monitor 2016 of research institutions Nictiz and Nivel. So a lot of patients are not even able to find their ‘digital doctor’ and the ones that do find the new online possibilities say it’s not user friendly.

Furthermore, it will be dangerous for the health of patients if digital records are transferred in a bad way, like medication overviews which are not up to date. There is a serious problem here, because the computer systems are not connecting to one another. Lastly, the digital healthcare market is a growing market where billions are circulating, however it is not even sure if e-health is really going to improve healthcare and make it cheaper.

 

Concluding, there has to be done a lot more of testing and research regarding e-health before it will become a real revolution instead of a hype.

 

Sources:

Zorgvisie. (2016). Zorgvisie – E-health dossier. [online] Available at: https://www.zorgvisie.nl/home/dossiers/e-health/ [Accessed 5 Oct. 2016].

Nos.nl. (2016). ‘Zo’n e-consult vind ik het handigste dat er is’. [online] Available at: http://nos.nl/artikel/2126626-zo-n-e-consult-vind-ik-het-handigste-dat-er-is.html [Accessed 5 Oct. 2016].

Haks, K. (2016). Smartphonestress. FysioPraxis, (9), p.3.

Nos.nl. (2016). E-health: hype of zorgrevolutie?. [online] Available at: http://nos.nl/nieuwsuur/artikel/2114269-e-health-hype-of-zorgrevolutie.html [Accessed 5 Oct. 2016].

Ad.nl. (2016). Patiënt komt niet bij digidokter. [online] Available at: http://www.ad.nl/dossier-nieuws/patient-komt-niet-bij-digidokter~ae12f17e/ [Accessed 7 Oct. 2016].

Please rate this