A functioning hospital environment is critical for patient care

The rapid development of technology and digitalisation is also visible in health care, enabling hospital services to be produced in new and more extensive ways by utilising information networks in particular.

“We are currently studying cyber security actions that should be considered at different levels of decision-making. The research clarifies the structure of hospitals’ cyber operating environment, analyses cyber attack data collected on a practical level in hospital environments and uses new technologies to find ways to prepare for cyber threats,” says Martti Lehto, professor of practice in cyber security.

The most common cyber attacks against hospitals and other operators in the field of social and health services are ransomware and hacking. In health care, cyber threats are related to remotely controlled devices, software vulnerabilities, mobile devices or password practices, for example. Cyber attacks can be targeted against the safety of hospital devices and may include data breaches, denial-of-service attacks or internal threats. Ransomware attacks have also revealed how vital patient data systems are for the operation of hospitals, meaning organisations are ready to pay ransom to be able to use their data again.

Arctic submarine communication cables are the backbone of the Internet

Submarine communication cables create a large communications network at the bottom of the sea, delivering more than 95% of all international data traffic. The network is the backbone of the Internet and enables everything from email and social media to telephone and banking services.

Authorities need a comprehensive picture of complex and invisible cyber threats as well as of other factors that could threaten the submarine cable system. This information ensures the required agility for strategic decision-making and optimised financial actions.
“We focus on, among other things, geopolitical analysis and strategic cyber surveillance as well as the cyber security threats to and protection of the submarine cable systems,” Lehto says.

Strategic management of cyber security in Finland

The University of Jyväskylä and Aalto University conducted a study for the Prime Minister’s Office to define the strategic management of cyber security. The study also clarified how the general model for managing interference can be applied to cyber security interference, how the strategic management of cyber security should be organised and what kind of a structure the government has for cyber security management.

“Based on our study, we suggested five alternative models for strategic management, and currently the Security Committee is preparing a new national cyber security strategy based on the models.”

Expert statements to political decision-makers

Decision-makers at the highest levels require research-based knowledge to develop national cyber security.

“Throughout 2018,” Lehto says, “different Parliamentary committees have requested expert statements related to a legislative project on civil and military intelligence, the Government report on spatial data policy, and the Proposal for a Regulation of the European Parliament and of the Council establishing the Digital Europe programme for 2021–2027.” He concludes: “The statements have helped to impact essential development and legislation projects that improve the overall security of society.”

Education based on state-of-the-art research

Master’s and doctoral education in cyber security is increasingly popular.

The number of applicants has increased and currently the master’s degree programme has 160 students and the doctoral programme 25. The master’s degree programme is unique in Finland – Jyväskylä is the only place where you can pursue a master’s degree in cyber security.

The master’s degree in cyber security offers students robust skills to work in management and development tasks that require comprehensive skills in cyber security. The programme takes a look at the cyber world and its security from societal, operational, technological and systemic perspectives. Cyber security is viewed in the context of comprehensive security, considering the development paths, supply security and reliability of services as well as the ability to react and tolerate risks.

The Faculty of Information Technology has extensive national and international cyber security cooperation networks. The faculty collaborates in research and education with several universities, universities of applied sciences and authorities.

Get latest articles from The University of Jyväskylä’s stakeholder magazine into your email. You can cancel your subscription at any time.