{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,2]],"date-time":"2026-02-02T20:46:24Z","timestamp":1770065184028,"version":"3.49.0"},"reference-count":16,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2022,10,26]],"date-time":"2022-10-26T00:00:00Z","timestamp":1666742400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JCP"],"abstract":"<jats:p>Hospitals have been historically known for their strong risk mitigation policies and designs, which are not becoming easier or simpler to plan and operate. Currently, new technologies and devices are developed every day in the medical industry. These devices, systems, and personnel are in an ever-higher state of connection to the network and servers, which necessitates the use of stringent cybersecurity policies. Therefore, this work aims to comprehensively identify, quantify, and model the cybersecurity status quo in healthcare facilities. The developed model is going to allow healthcare organizations to understand the imminent operational risks and to identify which measures to improve or add to their system in order to mitigate those risks. Thus, in this work we will develop a novel assessment tool to provide hospitals with a proper reflection of their status quo, which will assist hospital designers in adding the suggested cyber risk mitigation measures to the design itself before operation.<\/jats:p>","DOI":"10.3390\/jcp2040043","type":"journal-article","created":{"date-parts":[[2022,10,26]],"date-time":"2022-10-26T02:47:26Z","timestamp":1666752446000},"page":"853-861","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["Cybersecurity in Hospitals: An Evaluation Model"],"prefix":"10.3390","volume":"2","author":[{"given":"Mohammed A.","family":"Ahmed","sequence":"first","affiliation":[{"name":"Electrical and Computer Engineering Department, King Abdulaziz University, Jeddah 22254, Saudi Arabia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6624-6148","authenticated-orcid":false,"given":"Hatem F.","family":"Sindi","sequence":"additional","affiliation":[{"name":"Electrical and Computer Engineering Department, King Abdulaziz University, Jeddah 22254, Saudi Arabia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8461-1404","authenticated-orcid":false,"given":"Majid","family":"Nour","sequence":"additional","affiliation":[{"name":"Electrical and Computer Engineering Department, King Abdulaziz University, Jeddah 22254, Saudi Arabia"}]}],"member":"1968","published-online":{"date-parts":[[2022,10,26]]},"reference":[{"key":"ref_1","first-page":"4","article-title":"Importance of Cyber Security","volume":"111","author":"Goutam","year":"2015","journal-title":"Int. J. Comput. Appl."},{"key":"ref_2","unstructured":"Dummanaboyina, K.S.C. (2022, March 23). Cyber Security and Its Importance. Available online: https:\/\/www.researchgate.net\/publication\/347439655_CYBER_SECURITY_AND_ITS_IMPORTANCE."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"e10059","DOI":"10.2196\/10059","article-title":"Cybersecurity in hospitals: A systematic, organizational perspective","volume":"20","author":"Jalali","year":"2018","journal-title":"J. Med. Internet Res."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1186\/s12911-020-01161-7","article-title":"Cybersecurity of Hospitals: Discussing the challenges and working towards mitigating the risks","volume":"20","author":"Argaw","year":"2020","journal-title":"BMC Med. Inform. Decis. Mak."},{"key":"ref_5","unstructured":"Saudi Food and Drug Authority (SFDA) (2019). Guidance to Medical Devices Cybersecurity for Healthcare Providers."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"48","DOI":"10.1016\/j.maturitas.2018.04.008","article-title":"Cybersecurity in healthcare: A narrative review of trends, threats and ways forward","volume":"113","author":"Coventry","year":"2018","journal-title":"Maturitas"},{"key":"ref_7","unstructured":"US Department of Health and Human Services (2020). Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients."},{"key":"ref_8","first-page":"2278","article-title":"Phishing\u2014An Analysis on the Types, Causes, Preventive Measuresand Case Studies in the Current Situation","volume":"9","author":"Syiemlieh","year":"2015","journal-title":"IOSR J. Comput. Eng."},{"key":"ref_9","unstructured":"Imaji, A.O. (2022, March 23). Ransomware Attacks: Critical Analysis, Threats, and Prevention Methods. Available online: https:\/\/www.researchgate.net\/publication\/332551447_Ransomware_Attacks_Critical_Analysis_Threats_and_Prevention_methods."},{"key":"ref_10","first-page":"10","article-title":"Documentation and investigation of missing health care equipment: The need to safeguard high priced devices in health care institutions","volume":"6","author":"Cheung","year":"2017","journal-title":"J. Hosp. Adm."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Seh, A.H., Zarour, M., Alenezi, M., Sarkar, A.K., Agrawal, A., Kumar, R., and Ahmad Khan, R. (2020). Healthcare Data Breaches: Insights and Implications. Healthcare, 8.","DOI":"10.3390\/healthcare8020133"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Skierka, I.M. (2018, January 28\u201329). The governance of safety and security risks in connected healthcare. Proceedings of the Living in the Internet of Things: Cybersecurity of the IoT\u20142018, London, UK.","DOI":"10.1049\/cp.2018.0002"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Tabasum, A., Safi, Z., AlKhater, W., and Shikfa, A. (2018, January 25\u201326). Cybersecurity Issues in Implanted Medical Devices. Proceedings of the 2018 International Conference on Computer and Applications (ICCA), Beirut, Lebanon.","DOI":"10.1109\/COMAPP.2018.8460454"},{"key":"ref_14","unstructured":"Almunawar, M.N., and Anshari, M. (2012). Health Information Systems (HIS): Concept and Technology. arXiv."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Kim, J., Lee, C., and Chang, H. (2020). The Development of a Security Evaluation Model Focused on Information Leakage Protection for Sustainable Growth. Sustainability, 12.","DOI":"10.3390\/su122410639"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Callejas-Cuervo, M., Alarcon-Aldana, A.C., and Lopez, A.B. (2016, January 3\u20137). Security evaluation model for virtual learning environments. Proceedings of the 2016 XI Latin American Conference on Learning Objects and Technology (LACLO), San Carlos, Costa Rica.","DOI":"10.1109\/LACLO.2016.7751773"}],"container-title":["Journal of Cybersecurity and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2624-800X\/2\/4\/43\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T01:02:47Z","timestamp":1760144567000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2624-800X\/2\/4\/43"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,26]]},"references-count":16,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2022,12]]}},"alternative-id":["jcp2040043"],"URL":"https:\/\/doi.org\/10.3390\/jcp2040043","relation":{},"ISSN":["2624-800X"],"issn-type":[{"value":"2624-800X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,10,26]]}}}