Effective metrics to detect and prioritize cyber incidents in healthcare

Numerous studies have focused on metrics for detecting and prioritizing incidents or risks; however, most address siloed responses within a single team or department. There remains a notable gap in the literature, especially in the healthcare sector, regarding comprehensive incident and risk metrics. This gap extends beyond theoretical principles to practical applications. This paper introduces a set of metrics for detecting and prioritizing cyber incidents, risks, and attacks, with a focus on their application in healthcare. Key principles include a holistic approach to incident and risk management, and the use of both quantitative and qualitative metrics for evaluation. A case study on implementing cyber incident metrics in the Emerald Healthcare System is presented. The case study covers metrics related to incidents, planning, and strategy from risk recognition through incident resolution, as well as approaches to ensuring the readiness of an incident response plan, adopting a holistic approach to risk management, and improving healthcare cybersecurity through integrated technology design. Assessments based on artificial intelligence, machine learning, and deep learning have the potential to serve as powerful metrics. A holistic approach to risk handling helps avoid risk silos, while holistic risk management offers the best protection for hospital cyber infrastructure against malicious attacks. Protecting patient privacy is essential for any healthcare system. A robust and comprehensive approach to patient data privacy, encompassing staff training and strict access control to patient records, should be an integral part of any risk management strategy.