Improving the crisis management processes in the context of cyberattack on Field hospital infrastructure
As technology is being used in modern day healthcare, the healthcare industry has been able to make its heritage more efficient. At the same time, the deployment Cyber-Physical systems through both the medical devices, and other Health Internet of Things (HIoT), in turn exposes them to cyber threat actors. In addition, the healthcare industry's attack surface area increases with the constant generation on Healthcare data (which is sometimes referred to as the ‘new gold' by cybersecurity experts) due to its increasingly high demand in the underground cyber-market. Also, the stakeholders that are in both direct and indirect contact with the healthcare cyber infrastructure are also possible targets of the cyberthreat actors in gaining access to these health data records and other motivedriven targets that may cause crisis within the facility.
In this case, certain cybersecurity assessment methods are deployed to assess the current posture of the infrastructure, followed by a
structured deployment of training tools in the form of professionally curated exercises. These will aim to promote a holistic approach to the management cyberthreats targeted towards the healthcare facility, and the healthcare ecosystem as a whole.
The research will focus on the improvement of the method used in evaluating cybersecurity in the health systems by focusing on the an evaluation model for mobile field hospitals. This improved model that has been automated in the form of a functional Python-based software will also be systematically implemented and packaged for direct deployment in the field for instant assessments.
The main objectives of the research includes the aim to coimprove the design processes of the evaluation model on the one hand, and on the other hand of the structured training exercises to be developed specifically for the Field hospital infrastructure users and stakeholders. This will be carried out by identifying and integrating:
(1) the interactions between the fully evaluated cyber infrastructure and its evaluations processes and, (2) the development and implementation of the a structured cyber-immersed simulation training.
In this context, the objective of the Post-Doctorate is to improved/develop a better model and for the co-design and recoding of the python-based automated software. This will in turn leverage the use of the results obtained to better understand the requirements needed to improve the cyber-immersed simulation trainings in the form of advanced Table-top exercises (TTX).
This methodology will be based on the identification and analysis (carried out within the lab environment) of the methods and tools used during the design of the original model and TTX.Benefits
Additional information and application
- Application deadline: October 16, 2022
- Link for application: https: // institutminestelecom.recruitee.com/l/en/o/postdoctorant-postdoct...
- Type of contract: CDD 1 year
- Category and profession of the post (internal): II - P, Post-doctoral
- Position location: Evry-Courcouronnes (91) - FRANCE
- The positions offered for recruitment are open to all with, on request, accommodations for candidates with disabilities
- Job open to public service contractors
- Working conditions: telework possible, restaurant and cafeteria on site, accessibility by public transport (with employer participation) or close to main roads, staff association and sports association on the Evry campusOffer Requirements
Computer science: PhD or equivalent
Essential skills, knowledge and experience
- Knowledge of cybersecurity and network security
- Project management
- Knowledge of ethical hacking
- Knowledge of penetration testing and/or analysis of user-centric training to respond to cyberattacks
- Discretion, confidentiality
- The ability to work in a team
- Understanding and analysis of stakeholder needs
- Analytical mindContact Information