The SPHINX Consortium identified a set of use cases to establish the user requirements and needs concerning the implementation of new cybersecurity services for the benefit of healthcare organisations and their patients.
Considering the critical assets of healthcare organisations, the actors involved, the threats' taxonomy and vectors and the associated impact of the incidents, sixteen use cases were defined, addressing attacks to obsolete and vulnerable systems, hacking attempts to national healthcare databases, the tampering of medical devices, the theft of medical equipment, the illegal exploration of remote patient monitoring systems and the intercept of data in cross-border healthcare data sharing operations.
Each of the use cases were attentively defined to demonstrate, in the broadest way possible, the diversified panoply of capabilities proposed by the SPHINX Platform, including the capability to identify vulnerable critical assests, the potential to acknowledge and recognise abnormal network and user behaviours, the use of emulation services to deceive attackers and protect assets, the isolation of potentially compromised devices, components, systems and applications, the alerts upon the detection of cybersecurity events and incidents, the detailed reports of cybsersecurity incidents and the recommendations on the suitable and available courses of action to deal with potential, ongoing and forecasted cyber attacks.