Current cybersecurity maturity models: How effective in healthcare cloud?

Abstract

This research investigates the effective assessment of healthcare cyber security maturity models for healthcare organizations actively using cloud computing. Healthcare cyber security maturity models designate a collection of capabilities expected in a healthcare organization and facilitate its ability to identify where their practices are weak or absent and where they are truly embedded. However, these assessment practices are sometimes considered not effective because sole compliance to standards does not produce objective assessment outputs, and the performance measurements of individual IS components does not depict the overall security posture of a healthcare organization. They also do not consider the effect of the characteristics of cloud computing in healthcare. This paper presents a literature review of maturity models for cloud security assessment in healthcare and argues the need for a cloud security maturity model for healthcare organizations. This review is seeking to articulate the present lack of research in this area and present relevant healthcare cloud-specific security concerns.