Detalhes bibliográficos
| Ano de defesa: |
2021 |
| Autor(a) principal: |
Dias, Fábio Martins
 |
| Orientador(a): |
Lucato, Wagner Cezar
|
| Banca de defesa: |
Lucato, Wagner Cezar
,
Costa, Ivanir
,
Oliveira Neto, Geraldo Cardoso de
|
| Tipo de documento: |
Dissertação
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
por |
| Instituição de defesa: |
Universidade Nove de Julho
|
| Programa de Pós-Graduação: |
Programa de Pós-Graduação de Mestrado e Doutorado em Engenharia de Produção
|
| Departamento: |
Engenharia
|
| País: |
Brasil
|
| Palavras-chave em Português: |
|
| Palavras-chave em Inglês: |
|
| Área do conhecimento CNPq: |
|
| Link de acesso: |
http://bibliotecatede.uninove.br/handle/tede/2803
|
Resumo: |
Cybersecurity is a Herculean task for any industry. However, the health sector is one of the most vulnerable sectors found in the academic literature, with worrying data on the challenges to be overcome by cybersecurity in the sector, which is an attractive and vulnerable target, as it is a rich source of valuable information. Thus, according to the literature, an efficient solution to combat cyber threats is the development of a risk management plan. Thus, this dissertation aims to propose a risk management tool with a focus on cybersecurity in the health sector. In this sense, it develops a theoretical-practical structure for cyber risk management inspired by the PDCA management tool, showing minimum safety items for medical devices and best practices that should be employed. In order to verify the adherence of the developed structure to real-world situations, the study methodology used was the study of multiple cases, which investigated this international phenomenon within the context of large health institutions in Brazil. As a result, the same stance found in international research was observed that, the strategies to deal with cyber risks focus only on remediation, since the institutions believe they are safe against cybercrimes only with the use of antivirus and firewalls. Thus, the conclusions point out that an inadequate cybersecurity results not only in the compromise of information, but also in the compromise of vital devices to life, in which the paralysis brings great damage to society, in addition to a great financial loss of health institutions. It is concluded, therefore, that this work contributes to the theory, insofar as it adds to the literature a robust structure to manage cyber risks in health institutions in Brazil, since there is no similar study contemplated in the bibliography that deals with the theme. Equally, it generates contributions to the practice, through a better vision for the protection of health institutions, providing a modern, complete and agile tool to protect them. |
