
Analysis of implementation of a Security Information and Events Management (SIEM) System in Public Business Entities (PBE) hospitals

Bibliographic details
Main author: Gonçalves, Emanuel de Araújo
Publication date: 2023
Document type: Dissertation
Language: eng
Source title: Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
Full text: http://hdl.handle.net/20.500.11960/3911
Abstract: In a general context, IT systems are vulnerable to attacks due to increasing digitalization, especially in the health sector. Therefore, the need to protect these systems is extremely urgent. Organizations are increasingly turning to Security Information and Event Management (SIEM) systems to protect the data they manage through a strategy of centralized analysis of multiple security events originating from different security components. The purpose of this work is to analyze and implement a SIEM system in a hospital environment. To achieve this objective, an exploration of the current state of SIEM systems and their main functions was conducted. An analysis of security needs and specific requirements in the hospital context was also performed. Based on this analysis, an architectural model for implementing the SIEM system in the hospital is proposed. The proposed model was implemented and tested in a laboratory environment, revealing that the SIEM system is capable of identifying and reporting relevant security incidents in a hospital context [27]. Some limitations in the tested system were also identified, along with suggestions for future improvements. Taking into account the recent cyberattacks that have targeted public hospitals in Portugal, hospitals must be prepared to face these threats. Implementing a SIEM system can play a key role in mitigating these attacks and safeguarding sensitive patient and employee information.
id RCAP_c697b72a8db206fa5db6dae7e8cbe4ba
oai_identifier_str oai:repositorio.ipvc.pt:20.500.11960/3911
network_acronym_str RCAP
network_name_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository_id_str https://opendoar.ac.uk/repository/7160
author Gonçalves, Emanuel de Araújo
author_facet Gonçalves, Emanuel de Araújo
author_role author
dc.contributor.author.fl_str_mv Gonçalves, Emanuel de Araújo
dc.subject.por.fl_str_mv Cyber security
SIEM
Hospital
Threats
Resilience
Cibersegurança
Ameaças
Resiliência
dc.date.none.fl_str_mv 2023-12-14T00:00:00Z
2023-12-14
2024-02-05T12:13:20Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
format masterThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/20.500.11960/3911
TID:203513894
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron:RCAAP
repository.mail.fl_str_mv info@rcaap.pt
_version_ 1833593799009370112