To provide services, manage sensitive data electronically, and maintain day-to-day operations, educational and healthcare services have transitioned from primarily stand-alone systems to interconnected digital networks. By increasing their dependence on multiple digital networks for their operations, educators and healthcare providers have exposed themselves to new risks, specifically cyber-attacks (i.e., ransomware, phishing, insider threats, and data breaches). The impact of these cyber-attacks on educational and healthcare institutions can be devastating; for example, they can disrupt educational processes, disrupt clinical service delivery, and create long-lasting challenges related to loss of trust and regulatory penalties. A layered framework for mitigating security risks in the information technology environments of educational and healthcare institutions will be developed, one that considers the unique financial, operational, and compliance constraints of each of these sectors. A prototype architecture for such a framework is based on continuous risk assessment, vulnerability scoring, and anomaly detection. Experimental results from simulation datasets and case measurement metrics show statistically significant increases in the accuracy of threat detection, reductions in the time required to respond to threats, and overall reductions in the risk exposure resulting from cyber-attacks against educational and healthcare institutions. Because this research addresses threat models and operational realities specific to the educational and healthcare sectors, it serves as a proof of concept for developing robust cybersecurity systems that strike an appropriate balance between security, usability, and compliance.
Mim Mahrima Akter (Sat,) studied this question.