Cyber-surveillance is a service to diagnose and evaluate the security of the information system with regard to the Internet.
The cyber-surveillance service is a comprehensive system which allows the detection of vulnerabilities in an Internet-exposed information system (auditing exposed interfaces, intrusion tests, configuration audits, malicious code, etc.).
To do this, the cyber-surveillance platform’s features include:
- Mapping and determining the attack surface of an information system
- Detecting vulnerabilities affecting an organisation's information system
- Detecting a possible data leak (source code leak, data leak, user data leak, etc.) targeting the information system
A cyber-surveillance report is provided, describing all the detected vulnerabilities sorted by criticality as well as a remediation action plan with priorities set.
For more information, see the Documentation section.
The cyber-surveillance service is currently being implemented for the benefit of regional healthcare coordination authorities (GHTs) and facilities that have been victims of a cyber-attack. It is testing configuration best practices for the network, servers and applications exposed to the Internet.
By late in the first quarter of 2021, an online service will be available to order an audit.
The service will be gradually opened to all facilities that request it.
The cyber-surveillance service allows the detection of vulnerabilities in an Internet-exposed information system.
Interfaces publicly exposed to the Internet are only some of the places where healthcare facilities need protection. The results of cyber-surveillance must therefore be taken into account as part of a comprehensive risk management approach (one which incorporates other types of audits: internal/external pentests, configuration audits, etc.).
Other sources of threats (malicious code, phishing attacks, etc.) must also be taken into account, as they can also pose significant risks to the normal operation of healthcare facilities.
The service could be enhanced to analyse remote access to health applications (telemedicine, access to X-ray and lab reports, etc.).