Cyber-Analytics: Creating Security Profiles using Predictive Analytics
Healthcare Data Breaches
• Nearly 90 percent of healthcare organizations were slammed by a breach in the past two years
• 40% increase for 2016 over 2015
• 27 percent hacking and ransomware
• 23,695,069 patient records hacked
• 233 days to discover and 344 days to report
• 2016 Dark Web market flooded causing price drop
• 9% of healthcare organizations say they were hit with two or more data breaches in the past two years
• 45% report more than five breaches
Source: Ponemon report, Modern Healthcare, Healthcare Informatics
Cyber Analytics
• Why is this happening?
• Are there similarities between breached organizations?
• Can we model those similarities to provide some insight into prevention?
• How might we aggregate breach data to examine the organizational factors associated with a breach?
• Data mining and analytical tools to discover security, exposure and organizational effects
Research Questions
1. What is the relationship between the level of security and the likelihood of the occurrence of a data breach?
2. What is the relationship between the level of exposure and the likelihood of the occurrence of a data breach?
3. What is the relationship between specific organizational factors and the likelihood of the occurrence of a data breach?
4. What are the relationships between level of security, level of exposure, organizational factors and the likelihood of the occurrence of a data breach?
Developing Models from Standards
Associating Data
HIMSS Analytics Data
• 6600 Health Organizations
• Annual survey data
• Lots of information
• 65 tables
• 728 fields
DHHS Breach Data
• 500 or more reported
• 1905 data breaches since 2009
• Provider-State-Entity Type-#Affected-Date-BType
Work-in-Progress
• HIMSS Access database
• SQL queries to produce tables
• Converted into Excel
• DHHS .CSV spreadsheet
• Matches HAEntity-Provider unique identifier
• Using R Logistic Regression
• Preliminary analysis shows significant relationships
• Creating breach model
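The matching and modelling steps listed above, as an added R example that is not the presenters' code. All column names (`entity_id`, `security_score`, `exposure_score`, `beds`, `affected`) and all data are constructed for illustration; the real HIMSS and DHHS schemas are not shown on the slides.

```r
# Added example: constructed data and hypothetical column names throughout.
set.seed(42)

# Stand-in for the table produced from the survey database:
# one row per organization, keyed by a unique entity identifier.
n <- 400
himss <- data.frame(
  entity_id      = sprintf("E%04d", seq_len(n)),
  security_score = rpois(n, 4),               # security: controls in place
  exposure_score = rpois(n, 3),               # exposure: externally reachable systems
  beds           = round(rlnorm(n, 5, 0.6))   # organizational factor: size
)

# Simulate which organizations show up in the breach report. The coefficients
# are invented so that the example has a signal to recover.
p_true <- plogis(-3.2 - 0.35 * himss$security_score +
                 0.40 * himss$exposure_score + 0.5 * log(himss$beds))
breached_ids <- himss$entity_id[rbinom(n, 1, p_true) == 1]

# Stand-in for the breach CSV: one row per reported breach. An organization
# can be listed more than once, so some rows are repeated on purpose.
dhhs <- data.frame(
  entity_id = c(breached_ids, sample(breached_ids, 15)),
  affected  = 500 + rpois(length(breached_ids) + 15, 3000)
)

# Collapse to one row per organization BEFORE joining; merging raw breach
# rows would duplicate survey rows and inflate the sample.
breach_counts <- aggregate(affected ~ entity_id, data = dhhs, FUN = length)
names(breach_counts)[2] <- "n_breaches"

# Left join: organizations absent from the breach file form the non-breached
# class, so they are kept and coded 0 rather than dropped.
model_df <- merge(himss, breach_counts, by = "entity_id", all.x = TRUE)
model_df$n_breaches[is.na(model_df$n_breaches)] <- 0
model_df$breached <- as.integer(model_df$n_breaches > 0)
stopifnot(nrow(model_df) == nrow(himss))

# Logistic regression of breach occurrence on security, exposure and size.
fit <- glm(breached ~ security_score + exposure_score + log(beds),
           data = model_df, family = binomial)
print(summary(fit)$coefficients)

# Odds ratios with Wald 95% confidence intervals.
or <- exp(cbind(OR = coef(fit), confint.default(fit)))
print(round(or, 3))
```

An inner join in place of the left join would leave only breached organizations and make the outcome constant, which is the most common way this kind of linkage goes wrong.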
Impact of Training and Optimism on Personal Computer Security
Barbara Hewitt
Health Information Management
Garry White
Computer Information Systems
Agenda
Introduction
Literature
Research Question
Method
Findings
Introduction
Security breaches evolving
– Sophistication
– Costs
– Severity
– Impact
Concentrate on technological prevention measures
BUT
You are the weakest link
Past Research
Students with more education: more security breaches (White 2012, 2015)
Optimism
– Less likely to experience an event
– Eliminates security fears (Lungu and Tabusca 2010)
Optimism bias
– More likely to experience negative event
– More likely to experience a positive event
– Prior research is mixed on whether education is a predictor of optimism bias
– Confidence: take more risk, control over outcomes (Weinstein, 1980)
– Training may influence this
– Continued training loses its effect (Wolf, Haworth, and Pietron, 2011)
Hypothesis Model
Study
| Demographic | N | Percent |
|---|---|---|
| Age | 47.89 | |
| Total | 875 | 87.5% |
| Male | 446 | 51% |
| Female | 429 | 49% |
| Education | | |
| Some High School | 12 | 1% |
| High school graduate or GED | 194 | 22% |
| Some college | 208 | 24% |
| Associate Degree | 124 | 14% |
| Bachelor Degree | 225 | 26% |
| Graduate Degree | 94 | 11% |
| Doctorate | 18 | 2% |
| Demographic | N | Percent |
|---|---|---|
| Computer professional/technician | 55 | 6% |
| Computer security professional | 14 | 2% |
| Computer user on the job | 334 | 38% |
| Do not use computer on the job | 106 | 12% |
| Unemployed | 366 | 42% |
Computer and Security Training
| Demographic | N | Percent |
|---|---|---|
| High School Computer Class | 370 | 42% |
| High School Security Class | 461 | 53% |
| College/University Computer Class | 280 | 32% |
| College/University Security Class | 470 | 54% |
| Training | 299 | 34% |
Breaches Experienced
| Incident | 0 | |
|---|---|---|
| Victim of identity theft | 677 | 198 |
| Computer "performance" problems due to a virus/malware | 290 | 585 |
| Data corruption or loss due to a virus/malware | 534 | 341 |
| PC controlled by hacker | 730 | 145 |
| Number of unauthorized accesses to your data | 612 | 263 |
| Internet became inaccessible due to virus/malware | 506 | 369 |
| Downloaded a virus/malware via an email address | 558 | 317 |
| Downloaded a file off the internet that contained a virus/malware | 508 | 367 |
| Victim of a phishing attack | 681 | 194 |
| Fallen to a hoax email | 673 | 202 |
| Experienced a privacy problem of social networks | 643 | 245 |
| Victim of denial of service attack | 742 | 133 |
Preliminary Results
“Positive” relations with education, prevention/protection, and security incidents at p < .001.
H1 – As age increases, security incidents decrease (less activity/usage as indicated by H3)
H2 – Age with optimism: Mixed
H3 – As age increases there is less usage/activity except for e-mail. As age increases, e-mail usage increases. There is no relation with amount of time using the Internet.
H4 – The more educated, the more optimism. However, there are a few exceptions, mostly with Bias-general not me.
H5 – Generally more education, more activity. However, amount of time has no relationship with education.
Mixed
Preliminary Results
H6 – The more education, the more security incidents
H7 – The more optimistic with technology, the more security incidents.
Mixed
H8a – The more you do things on the Internet, the more security incidents you have, especially if you visit an untrusted site.
H8b – The more you do things on the Internet, the more security incidents you have, especially if you visit an untrusted site.
H8c – Amount of time using the Internet had an influence on security incidents.
Not Sign
Summary
Education and Internet activities are determinants for security incidents.
Education: better recognition and awareness of security incidents.
Activities: more opportunities for attack.
Subjects are willing to take risks by accessing an untrusted site.
Other Fun Facts
Visit an untrusted web site 50%
References
Chapin, J. R. (2001). Self-protective pessimism: Optimistic bias in reverse. North American Journal of Psychology, 3(2).
Chapin, J. R., & Pierce, M. (2012). Optimistic bias, sexual assault, and fear. The Journal of General Psychology, 139(1), 19-28.
Chenoweth, T., Minch, R., & Gattiker, T. (2009). Application of protection motivation theory to adoption of protective technologies. Paper presented at the System Sciences, 2009. HICSS'09. 42nd Hawaii International Conference on.
Lungu, I., & Tabusca, A. (2010). Optimizing anti-phishing solutions based on user awareness, education and the use of the latest web security solutions. Informatica Economica, 14(2), 27.
Trumbo, C., Meyer, M. A., Marlatt, H., Peek, L., & Morrissey, B. (2014). An assessment of change in risk perception and optimistic bias for hurricanes among Gulf Coast residents. Risk Analysis, 34(6), 1013-1024.
Weinstein, N. D. (1980). Unrealistic optimism about future life events. Journal of Personality and Social Psychology, 39(5), 806.
Weinstein, N. D., & Klein, W. M. (1996). Unrealistic optimism: Present and future. Journal of Social and Clinical Psychology, 15(1), 1-8.
White, G. L. (2012). Information Security Education Relationships on Incidents and Preventions: Cyber Assurance Literacy Needs. Paper presented at the Proceedings of the Information Systems Educators Conference ISSN.
White, G. L. (2015). Education and Prevention Relationships on Security Incidents for Home Computers. Journal of Computer Information Systems, 55(3), 29-37.
Patient Access to Personal Health Information: An Update from the Consumer’s Perspective
Patient Access to Health Information
Patient engagement has been described as the “blockbuster drug of the 21st century”
Patient engagement requires information
Increased adoption of health information technology has made greater patient access to their health information possible
But is it working for the consumer?
Laws Impacting Patient Access to PHI
Under HIPAA patients have had the right to see and obtain a copy of their medical records
HIPAA has allowed providers to charge a “reasonable” cost-based fee for providing paper or electronic copies of medical records
Effective September 23, 2013 patients have the right to request their health information in electronic form
Laws Impacting Patient Access to PHI (continued)
HIPAA also provides:
Right to amend information in your health records
Right to know how your personal health information will be used and shared and to limit who gets to see it
Right to limit marketing uses of protected health information
2016 CMS Guidance
“Providing individuals with access to their health information is a necessary component of delivering health care
Although HIPAA permits limited fees, entities should provide individuals with copies of PHI free of charge
CMS will monitor whether fees are creating a barrier and will take enforcement action where necessary”
Research Approach
2016
Survey of healthcare consumers on their experience in accessing their health information
2013
Survey of HIM Leaders on healthcare organization practices involving patient access
Results
2016
98% EHR
83% Portal
82% Use Portal
10% Charge for copies
2013
87% EHR
38% Portal
< 5% Use Portal
52% Charge for electronic copies
65% Charge for paper copies
2016 Results
Most respondents were satisfied (38%) or very satisfied (53%) with the patient portal
57% had requested copies of their records in the past year
– 88% received them in the requested format
– 54% received them in 1-15 days
– 10% were charged
60% maintain a PHR in paper or electronic form
In conclusion
Complete results will be published in Summer 2017 AHIMA Perspectives
Thank you to Drs. Diane Dolezel and Alex McLeod