| Mitigation measure | U/V | CIA | References |
|---|---|---|---|
| Physical mitigation measures (“Physical Mitigation Measures” section) | | | |
| Keep file servers in secure areas safeguarded from unauthorized access and environmental threats | U | (CIA) | [13, 14, 23] |
| Install security cameras in server rooms | U | (CIA) | [24] |
| Technical mitigation measures (“Technical Mitigation Measures” section) | | | |
| Perform regular backups | U/V | A | [2, 13, 23, 25] |
| Use firewalls and network segmentation to prevent network intrusion | U | (CIA) | [5, 13, 23, 26, 29–31] |
| Disable unused physical network and USB ports | U | (CIA) | [20, 25] |
| Use whitelisting for permitted applications | U/V | (CIA) | [18, 25] |
| Implement user authentication and define and enforce access rights | U/V | C | [13, 14, 23, 32, 66] |
| Install updates and patches on a regular basis | U/V | (CIA) | [5, 13, 25] |
| Install antivirus software | U/V | (CIA) | [5, 18, 23, 25] |
| Use encrypted network transmissions | U/(V) | CI | [5, 18, 20] |
| Use encrypted document storage | U/V | CI | [5, 18, 20] |
| Deploy an audit trail | U/V | (CI) | [13, 14, 20, 33, 34] |
| Deploy network monitoring and intrusion detection tools | U | (CIA) | [5, 25, 35] |
| Define and enforce a mobile device policy | U | (CIA) | [5, 13, 14, 23] |
| Deploy automated asset inventory discovery tools | U | (CIA) | [5] |
| Ensure that system configurations are updated to remain secure over time | U/V | (CIA) | [5, 21] |
| Deploy a public key infrastructure providing client certificates | U/V | CI | [5, 65] |
| Enforce remote administration to be performed over secure channels | U | C | [5, 36] |
| Organizational mitigation measures (“Organizational Mitigation Measures” section) | | | |
| Perform regular user training and simulate cybersecurity incidents | U | (CIA) | [5, 12, 13, 25] |
| Perform regular penetration testing | U | (CIA) | [20] |
| Define and implement incident management procedures | U | (CIA) | [6, 13, 25] |
| Medical imaging specific mitigation measures (“Cybersecurity in PACS and Medical Imaging” section) | | | |
| Use de-identified images where possible | U/V | C | [34, 43–46] |
| Implement DICOM transport security or selective encryption of DICOM headers | U/(V) | C | [48–52] |
| Store DICOM files in encrypted format | U/V | C | [34, 53] |
| Use digital signatures or watermarking techniques to protect image integrity | U/V | I | [48, 50, 57–60] |
| Cleanse file preamble when handling DICOM files | U/V | (CIA) | [61, 62, 64] |
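The last row, cleansing the 128-byte DICOM file preamble, as an added example that is not part of the original table or the cited works: a small Python (standard library only) check that flags a non-zero preamble in a DICOM Part 10 file and returns a copy with the preamble zeroed while leaving the data set after the `DICM` marker untouched. The sample file bytes are constructed here for illustration and the function names are my own.

```python
import struct

DICM_MAGIC = b"DICM"
PREAMBLE_LEN = 128


def inspect_preamble(data: bytes) -> dict:
    """Report the state of the 128-byte preamble of a DICOM Part 10 file.

    Compliant readers skip the preamble, so anything stored there is
    invisible to the viewer; a non-zero preamble is therefore worth flagging.
    """
    if len(data) < PREAMBLE_LEN + 4 or data[PREAMBLE_LEN:PREAMBLE_LEN + 4] != DICM_MAGIC:
        raise ValueError("not a DICOM Part 10 file ('DICM' missing at offset 128)")
    preamble = data[:PREAMBLE_LEN]
    return {
        "is_zero": preamble == bytes(PREAMBLE_LEN),
        "starts_with_mz": preamble[:2] == b"MZ",        # DOS/PE executable header
        "starts_with_elf": preamble[:4] == b"\x7fELF",   # ELF executable header
        "nonzero_bytes": sum(1 for b in preamble if b),
    }


def cleanse_preamble(data: bytes) -> bytes:
    """Return a copy of the file with the preamble zeroed; everything from 'DICM' on is kept."""
    inspect_preamble(data)  # validates the Part 10 structure before rewriting
    return bytes(PREAMBLE_LEN) + data[PREAMBLE_LEN:]


def make_sample(preamble: bytes) -> bytes:
    """Constructed minimal Part 10 header: preamble, 'DICM', one explicit-VR meta element."""
    assert len(preamble) == PREAMBLE_LEN
    # (0002,0010) Transfer Syntax UID, VR 'UI', 16-bit length, null-padded value
    meta = struct.pack("<HH", 0x0002, 0x0010) + b"UI" + struct.pack("<H", 4) + b"1.2\x00"
    return preamble + DICM_MAGIC + meta


# Constructed sample whose preamble looks like an executable header
SUSPICIOUS = make_sample(b"MZ" + b"\x90" * 126)
CLEAN = cleanse_preamble(SUSPICIOUS)

if __name__ == "__main__":
    print(inspect_preamble(SUSPICIOUS))  # flags MZ header, 128 non-zero bytes
    print(inspect_preamble(CLEAN))       # is_zero: True
```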