Working aid for information security officers and information for the hospital management
Krankenhäuser und viele andere Einrichtungen des Gesundheitswesens tragen in mehrfacher Hinsicht eine besondere Verantwortung für die Resilienz ihrer IT-Infrastrukturen. Die Versorgung von Patientinnen und Patienten mit Unterstützung modernster IT-Systeme muss ebenso zuverlässig gewährleistet sein wie der Schutz sensibler Patientendaten.
Öffentlich bekannt gewordene IT-Sicherheitsvorfälle in Kliniken und Krankenhäusern zeigen, dass medizinische Einrichtungen zunehmend gezielt, aber auch ungezielt Opfer eines Cyber-Angriffs werden können. Auch die veränderte weltpolitische Lage muss zukünftig ggf. stärker bei der Konzeption von Sicherheitsmaßnahmen zum Schutz von kritischen Infrastrukturen berücksichtigt werden.
Nicht zuletzt aufgrund der zunehmenden Digitalisierung im Bereich der medizinischen Versorgung stehen vor allem Krankenhäuser vermehrt vor großen Herausforderungen im Hinblick auf die Absicherung und die Resilienz ihrer IT-Systeme, -Prozesse und -Komponenten, die für die medizinische Versorgung relevant sind.
Mit unserer Handreichung geben wir Informationssicherheitsbeauftragten sowie Klinikleitungen die wichtigsten Hinweise für die Ausgestaltung der Informationssicherheit im Krankenhaus.
Calculation tool for personnel capacities for an information security officer
With the help of our calculation tool, clinics can use their tasks and capacities to estimate how great the need for an information security officer is in their hospital. The assessment of the workload can be a basis for the design of a job.
The tool can be downloaded here:
How do I protect my hospital?
The technical development in the IT sector in the last 25 years has been enormous and has also led to completely new possibilities in the healthcare sector. This is an encouraging development, since technical advances have significantly improved the efficiency and quality of a hospital’s central business processes. However, there is also a dark side that has manifested itself dramatically in recent months: hospitals have been victims of cyber attacks.
If you reduce the very extensive implementation instructions, orientation aids, recommendations for action as well as the recognized standards and regulations to six essential points, which offer the greatest possible benefit and protection against cyber attacks, then these are the following six basics according to experience. The vast majority of cyber attacks can be prevented or significantly reduced in impact by taking these steps.
In this guide, which is continuously updated in line with current technological developments and the latest findings, the Cyber Security Council Germany e.V., with the kind support of our member AuraSec GmbH, presents the most important measures.
How do I protect my company?
Small and medium-sized enterprises are the backbone of the German economy. They generate a large part of the gross national product and provide jobs for millions. Small and medium-sized companies are attractive, but unfortunately so are cybercriminals. More than half of cyber attacks hit small and medium-sized businesses with fewer than 500 employees. In the case of many smaller medium-sized companies, there is also the fact that they do not have the same cyber security infrastructure as large corporations that can finance and maintain their own IT departments and comprehensive IT security protection.
The good news is that even small businesses can protect themselves by taking concrete steps that are easy to adopt and maintain.
The vast majority of cyber attacks can be prevented or mitigated by taking these steps.
In this guide, which is continuously updated in line with current technological developments and the latest findings, the Cyber Security Council Germany e.V. presents you with the most important steps.
How do I protect myself as a private individual?
Most people spend a lot of time on the internet. They order in online shops, they book trips, they make transfers or stream series. The Internet is a natural part of everyday life.
When you hear about cyber attacks on large companies or government agencies, it’s easy to think that the risk to consumers is much smaller. Unfortunately, individuals are particularly at risk. This starts with malware and spam e-mails and extends to phishing attacks to steal bank details and passwords.
The good news is that individuals and families can also protect themselves by taking concrete steps that are easy to implement and maintain. The vast majority of cyber attacks can be prevented or intercepted by taking such steps.
In this guide, the Cyber Security Council Germany e.V. presents you with the most important steps.