{"id":7930,"date":"2022-06-13T15:17:31","date_gmt":"2022-06-13T13:17:31","guid":{"rendered":"https:\/\/www.tauli.cat\/institut\/?p=7930"},"modified":"2022-07-04T11:51:00","modified_gmt":"2022-07-04T09:51:00","slug":"cybersecurity-in-healthcare-vulnerabilities-trends-and-challenges","status":"publish","type":"post","link":"https:\/\/www.tauli.cat\/institut\/actualitat\/vigilancia-tecnologica\/2022\/06\/cybersecurity-in-healthcare-vulnerabilities-trends-and-challenges\/","title":{"rendered":"Cybersecurity in Healthcare: vulnerabilities, trends and challenges","gt_translate_keys":[{"key":"rendered","format":"text"}]},"content":{"rendered":"<div class=\"wpb-content-wrapper\">[vc_row][vc_column][vc_column_text]Over the last years, <strong>hospitals and health systems have increasingly embraced<\/strong> <strong>digital technologies<\/strong>, such as cloud, Big Data, Internet of Things (IoT), remote monitoring, and more, to offer the best patient care. However, as more digital technologies are adopted, the <strong>risk of cyberattack<\/strong> potentially increases.<!--more--><\/p>\n<p><strong>Healthcare data is particularly sensitive to cyberattack<\/strong>, since healthcare cyber breaches often involve loss of sensitive personal information and medical records<strong>. Digitally-connected medical devices are also susceptible to cyberattack<\/strong>, and interference with how these devices operate could potentially lead to patient harm or even death.<\/p>\n<p>In addition to this, <strong>the emergence of Covid-19 has boosted the digitalisation process of healthcare systems worldwide<\/strong>, increasing the associated cybersecurity risks. To cope with the pandemic, health systems have performed several actions to care for an unprecedented number of patients, but some of these actions have led to a breach in cybersecurity:[\/vc_column_text][vc_single_image image=&#8221;8134&#8243; img_size=&#8221;large&#8221; alignment=&#8221;center&#8221; css_animation=&#8221;none&#8221;][vc_column_text]In this scenario, <strong>healthcare systems are actually plagued by cyberattacks<\/strong> that are advanced, persistent, and which can wreck both operations and reputation. Healthcare organizations manage an array of assets, including infrastructure, applications, managed and unmanaged endpoints, mobile devices, and cloud services, all of which can be attacked. Given the increasingly sophisticated and widespread nature of these attacks, the <strong>healthcare industry must make cybersecurity a priority and commit to the investments necessary to protect its patients<\/strong>.[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_tta_accordion active_section=&#8221;0&#8243;][vc_tta_section title=&#8221;Top 4 cybersecurity threats&#8221; tab_id=&#8221;1652260361796-25141243-9905&#8243;][vc_column_text]Cyber-attacks on independent practitioners as well as large, integrated healthcare systems have infected even the most protected networks. In 2021, <strong>healthcare systems suffered the highest number of cyber-attacks<\/strong>, with ransomware -1.203 attacks of this type where reported-, and phishing attacks as the leading dangers, some of them affecting a large number of patients. In the same year, <strong>45.67 million patient records were breached, confirming the highest levels of exposure since 2015<\/strong>.<\/p>\n<p>Here, the <strong>top 4 cybersecurity threats and vulnerabilities<\/strong> that affect the healthcare systems are summarised:[\/vc_column_text][vc_single_image image=&#8221;8132&#8243; img_size=&#8221;large&#8221; alignment=&#8221;center&#8221; css_animation=&#8221;none&#8221;][vc_column_text]In the following 4 sections, these type of threats are studied in more detail.[\/vc_column_text][\/vc_tta_section][vc_tta_section title=&#8221;Phishing attack&#8221; tab_id=&#8221;1652360986270-917c126e-362d&#8221;]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>What is phishing and its motivations<\/span><\/h5>[vc_column_text]Phishing is a<strong> fraudulent practice<\/strong> that consists of simulating a<strong> false identity<\/strong>, often by impersonation of the identity of a person or a specific organization, with the aim of inciting victims (contacted by e-mail, telephone or text message) to carry out an action that would enable cybercriminals to <strong>steal their personal data<\/strong>, usually data credentials or credit card numbers.[\/vc_column_text][vc_single_image image=&#8221;7975&#8243; img_size=&#8221;large&#8221; add_caption=&#8221;yes&#8221; alignment=&#8221;center&#8221; css_animation=&#8221;fadeInLeft&#8221;][vc_column_text]This type of attack is usually used by cybercriminals in <strong>credential theft<\/strong>, the <strong>spread of malicious programming<\/strong> and also <strong>frau<\/strong><strong>d distribution<\/strong>:[\/vc_column_text][vc_single_image image=&#8221;8136&#8243; img_size=&#8221;large&#8221; alignment=&#8221;center&#8221; css_animation=&#8221;none&#8221;]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Must-Know phishing statistics in Healthcare<\/span><\/h5>[vc_column_text]\n<ul>\n<li><strong>60% of phishing<\/strong> cases are aimed at <strong>access credentials<\/strong> and contain a link to a fraudulent website<\/li>\n<li>One in four health professionals opens a phishing email; one in six clicks on the malicious link and, approximately <strong>7% of them give information<\/strong><\/li>\n<li>Phishing has become the <strong>main method of attack<\/strong> against the healthcare sector; in Spain, it represents <strong>57%<\/strong> of cyber-attacks against this sector<\/li>\n<\/ul>\n[\/vc_column_text][\/vc_tta_section][vc_tta_section title=&#8221;Ransomware attack&#8221; tab_id=&#8221;1652365780100-0ca6286a-67ed&#8221;]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>What is Ransomware and how it works<\/span><\/h5>[vc_column_text]Ransomware is a type of malicious software (malware) that threatens to <strong>block access to data or a computer system<\/strong>, usually by encrypting it, until the victim pays a ransom fee to the attacker. Hackers also may deploy ransomware that <strong>destroys or exfiltrates data<\/strong>, or ransomware in conjunction with other malware that does so.[\/vc_column_text][vc_single_image image=&#8221;8065&#8243; img_size=&#8221;large&#8221; add_caption=&#8221;yes&#8221; alignment=&#8221;center&#8221; css_animation=&#8221;fadeInLeft&#8221;][vc_column_text]A ransomware incident in a healthcare system can lead to <strong>serious consequences<\/strong>:<\/p>\n<ul>\n<li><strong>Patients\u2019 health impact<\/strong>. The disruption of healthcare services can put patients\u2019 lives at risk.<\/li>\n<li><strong>Economic impact<\/strong>. Economic losses caused on the affected systems can be at least 760.000 \u20ac, assuming that no ransom is paid. It may also require penalties arising from non-compliance with cybersecurity regulations.<\/li>\n<\/ul>\n[\/vc_column_text]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Must-Know ransomware statistics in Healthcare<\/span><\/h5>[vc_column_text]\n<ul>\n<li>Malware distributed via <strong>phishing<\/strong> <strong>is the second most common way<\/strong> for ransomware to enter the healthsector, representing the <strong>26.3%<\/strong> of the ransomware attacks<\/li>\n<li>The number of <strong>ransomware attacks against hospitals increased by 60%<\/strong> in march 2020<\/li>\n<li>In <strong>Spain increased by 160%<\/strong>; in Germany 145%; in UK 80% and in France 36% the same year<\/li>\n<\/ul>\n[\/vc_column_text][\/vc_tta_section][vc_tta_section title=&#8221;Data leakage or data loss&#8221; tab_id=&#8221;1653307301055-08adf522-c75c&#8221;][vc_column_text]In the healthcare sector, <strong>personal and research data leakage<\/strong> have their origin in <strong>cyber-attacks<\/strong>, motivated by the high value of these, and errors caused by the human factor. The diversity of entities in this sector, the volume of digitised data and the high connectivity are some of the reasons why the risk of data leakage is increasing.[\/vc_column_text]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Data of interest<\/span><\/h5>[vc_column_text]Data theft represents an <strong>opportunity for cybercriminals<\/strong> as they can be <strong>easily monetised<\/strong>. These data can be:[\/vc_column_text]<div class=\"eut-element eut-image-text\" style=\"\"><div class=\"eut-image\"><img width=\"2560\" height=\"1920\" src=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/irwan-iwe-rbDE93-0hHs-unsplash-scaled.jpg\" class=\"attachment-full size-full\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/irwan-iwe-rbDE93-0hHs-unsplash-scaled.jpg 2560w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/irwan-iwe-rbDE93-0hHs-unsplash-300x225.jpg 300w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/irwan-iwe-rbDE93-0hHs-unsplash-1200x900.jpg 1200w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/irwan-iwe-rbDE93-0hHs-unsplash-768x576.jpg 768w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/irwan-iwe-rbDE93-0hHs-unsplash-600x450.jpg 600w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/irwan-iwe-rbDE93-0hHs-unsplash-1536x1152.jpg 1536w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/irwan-iwe-rbDE93-0hHs-unsplash-800x600.jpg 800w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/irwan-iwe-rbDE93-0hHs-unsplash-1920x1440.jpg 1920w\" sizes=\"(max-width: 2560px) 100vw, 2560px\" \/><\/div>  <div class=\"eut-content eut-align-left\"><h6>Medical data<\/h6>  <p>Personal data, medical records, health records, laboratory test results, diagnoses, medical invoices, insurance data, bank accounts, insurance, x-rays, etc.<\/p>  <\/div><\/div>[vc_column_text]These data are sold on the dark web, where they are bought at high prices -a complete health profile can be worth between 200 \u2013 830 \u20ac- to perpetrate crimes of identity theft, financial fraud or extortion.[\/vc_column_text]<div class=\"eut-element eut-image-text\" style=\"\"><div class=\"eut-image\"><img width=\"2560\" height=\"1707\" src=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/national-cancer-institute-27KVI33BS_E-unsplash-scaled.jpg\" class=\"attachment-full size-full\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/national-cancer-institute-27KVI33BS_E-unsplash-scaled.jpg 2560w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/national-cancer-institute-27KVI33BS_E-unsplash-300x200.jpg 300w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/national-cancer-institute-27KVI33BS_E-unsplash-1200x800.jpg 1200w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/national-cancer-institute-27KVI33BS_E-unsplash-768x512.jpg 768w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/national-cancer-institute-27KVI33BS_E-unsplash-600x400.jpg 600w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/national-cancer-institute-27KVI33BS_E-unsplash-1536x1024.jpg 1536w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/national-cancer-institute-27KVI33BS_E-unsplash-1920x1280.jpg 1920w\" sizes=\"(max-width: 2560px) 100vw, 2560px\" \/><\/div>  <div class=\"eut-content eut-align-left\"><h6>Research data<\/h6>  <p>Research information, intellectual property or drug test results. This information has great economic value and is the result of years of expensive research and experiments.<\/p>  <\/div><\/div><h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Types of errors<\/span><\/h5>[vc_column_text]Information leaks originate from <strong>unauthorised accesses<\/strong> -22% of reported cases-, which can occur for two reasons:<\/p>\n<ul>\n<li><strong>Errors caused by the human factor<\/strong>. These errors are common among health professionals and are essentially a symptom of a lack of awareness. This results in bad practices such as the processing of patients\u2019 medical data outside the central information systems and without encrypting, with the risk to end up in the wrong hands.<\/li>\n<li><strong>Intentional actions perpetrated by internal employees -called internal threat-<\/strong>. In this case, the employee tries to steal information through external storage devices, makes a copy of on the cloud or sends it to a private email account. The reasons why an employee decides to act against his own organisation can be economic -sale of data- or revenge.<\/li>\n<\/ul>\n[\/vc_column_text]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Some data leakage statistics in Healthcare<\/span><\/h5>[vc_column_text]\n<ul>\n<li>In 2020, the number of information leakage reported to the authorities was <strong>25% higher<\/strong> than in 2019, and <strong>100% higher<\/strong> than in 2014.<\/li>\n<\/ul>\n[\/vc_column_text][\/vc_tta_section][vc_tta_section title=&#8221;Security of e-Health devices&#8221; tab_id=&#8221;1653307526577-e05f5518-f9ef&#8221;][vc_column_text]<strong>The pandemic has boosted e-Health technologies<\/strong> for telemedicine, unified information management and efficient disease control. These include Internet of Health Things (IoHT) and m-Health:<\/p>\n<ul>\n<li><strong>IoHT<\/strong>. Medical control devices installed in hospital beds with network connectivity (respirators, arterial control, blood oxygen level, blood pressure, anti-coagulants, etc.). These devices allow an intelligent approach to the service and more accurate and efficient decision-making. Data generated by this medical equipment is combined with other safety-related data and integrated, in real time, into a central control system.<\/li>\n<li><strong>m-Health<\/strong>. Mobile devices that provide Health services. These devices allow real-time and remote monitoring, as well as tracking of the disease.<\/li>\n<\/ul>\n[\/vc_column_text][vc_single_image image=&#8221;8125&#8243; img_size=&#8221;medium&#8221; add_caption=&#8221;yes&#8221; alignment=&#8221;center&#8221; css_animation=&#8221;fadeInLeft&#8221;]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Vulnerabilities of e-Health devices<\/span><\/h5>[vc_column_text]The most common vulnerabilities are due to <strong>aspects intrinsic to their design<\/strong>, such as the use of weak passwords, the use of unsecured protocols, as well as the <strong>lack of updates<\/strong>.<\/p>\n<ul>\n<li><strong>IoHT<\/strong>.\u00a0 Difficult to keep them updated due to their variety -8% of the devices connected to medical centres-. After 10 years, the more expensive ones -diagnostic devices, laboratory tests or medical imaging- can be considered obsolete because they do not receive the relevant updates.<\/li>\n<li><strong>m-Health<\/strong>. Development and publication of Covid-19 tracking apps in a record time has meant that they have not been adequately evaluated from a cybersecurity point of view.<\/li>\n<\/ul>\n<p>It is crucial to <strong>segment the network <\/strong>-see Cybersecurity trends in Healthcare section- so that potentially vulnerable devices cannot interfere in the parts of the network where there are more critical elements.[\/vc_column_text]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Which are the consequences?<\/span><\/h5>[vc_column_text]The vulnerabilities mentioned above can lead to serious consequences:<\/p>\n<ul>\n<li>Affecting the <strong>privacy of patients&#8217; data<\/strong><\/li>\n<li>Degrading the <strong>quality of treatment<\/strong><\/li>\n<li>Being exploited to carry out a <strong>cyber-attack<\/strong> -control gain, configuration modification, data capture, malware deployment-<\/li>\n<\/ul>\n[\/vc_column_text][\/vc_tta_section][vc_tta_section title=&#8221;Recent examples of cyberattacks&#8221; tab_id=&#8221;1652262810481-c75aa8c7-e881&#8243;][vc_column_text]The following examples of <strong>cybersecurity breaches<\/strong> exemplify the <strong>variety of attacks<\/strong> the healthcare field has faced worldwide, and the consequences of these attacks for organizations:[\/vc_column_text][vc_single_image image=&#8221;8140&#8243; img_size=&#8221;large&#8221;][\/vc_tta_section][vc_tta_section title=&#8221;5 Types of cybersecurity&#8221; tab_id=&#8221;1652260361803-5f939ca6-b2b3&#8243;][vc_column_text]To protect the network and data of healthcare systems, and any other organisation, it is important to understand the different types of cybersecurity and how they defend against cyber threats.<\/p>\n<p>The different cybersecurity solutions in the market serve the same purpose: to <strong>ensure the confidentiality, integrity, and availability of data and to protect the cyber assets<\/strong>.[\/vc_column_text]<div class=\"eut-element eut-image-text\" style=\"\"><div class=\"eut-image\"><img width=\"2291\" height=\"1309\" src=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/network-security.webp\" class=\"attachment-full size-full\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/network-security.webp 2291w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/network-security-300x171.webp 300w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/network-security-1200x686.webp 1200w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/network-security-768x439.webp 768w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/network-security-600x343.webp 600w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/network-security-1536x878.webp 1536w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/network-security-1920x1097.webp 1920w\" sizes=\"(max-width: 2291px) 100vw, 2291px\" \/><\/div>  <div class=\"eut-content eut-align-left\"><h6>Network security<\/h6>  <p>Activities and controls designed to protect the integrity of the networking infrastructure, defending the network and the data against threats, unauthorized access, intrusions, breaches, misuse and so forth.<\/p>  <\/div><\/div>[vc_column_text]Network security ensures that the entire underlying network infraestructure, from devices and applications to end-users, is working securely. A large variety of technologies and tools can be found on the market, such as <a href=\"https:\/\/www.forcepoint.com\/cyber-edu\/firewall\"><strong>firewalls<\/strong><\/a>, <strong>intrusion detection\/protection systems<\/strong> &#8211;<a href=\"https:\/\/www.geeksforgeeks.org\/intrusion-detection-system-ids\/\">IDS<\/a> and <a href=\"https:\/\/www.geeksforgeeks.org\/intrusion-prevention-system-ips\/\">IPS<\/a>&#8211; and <a href=\"https:\/\/www.kaspersky.com\/resource-center\/definitions\/what-is-a-vpn\"><strong>virtual private networks<\/strong><\/a> (VPNs).[\/vc_column_text]<div class=\"eut-element eut-image-text\" style=\"\"><div class=\"eut-image\"><img width=\"768\" height=\"350\" src=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/Endpoint_security.jpg\" class=\"attachment-full size-full\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/Endpoint_security.jpg 768w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/Endpoint_security-300x137.jpg 300w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/Endpoint_security-600x273.jpg 600w\" sizes=\"(max-width: 768px) 100vw, 768px\" \/><\/div>  <div class=\"eut-content eut-align-left\"><h5>Endpoint security<\/h5>  <p>Considered as a subset of network security, the endpoints that need to be secured include: <\/p>  <\/div><\/div>[vc_column_text]\n<ol>\n<li>Desktops and laptops<\/li>\n<li>Mobile devices -smartphones and tablets-<\/li>\n<li>Network devices -modems and switches-<\/li>\n<li>Connected or Internet of Things (IoT) devices -including connected printers, smart assistants, and sensors-<\/li>\n<\/ol>\n<p>Common types of endpoint security solutions and best practices include: 1) <a href=\"https:\/\/www.crowdstrike.com\/cybersecurity-101\/endpoint-protection-platforms\/\"><strong>endpoint protection platforms<\/strong><\/a> (EPP) and <a href=\"https:\/\/www.crowdstrike.com\/cybersecurity-101\/endpoint-security\/endpoint-detection-and-response-edr\/\"><strong>endpoint detection and response<\/strong><\/a> (EDR); 2) <strong>disk encryption<\/strong>, and 3) <a href=\"https:\/\/www.fortinet.com\/resources\/cyberglossary\/mobile-device-management\"><strong>mobile device management<\/strong><\/a> (MDM).[\/vc_column_text]<div class=\"eut-element eut-image-text\" style=\"\"><div class=\"eut-image\"><img width=\"1200\" height=\"675\" src=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/cloud-security-whitepaper.jpg\" class=\"attachment-full size-full\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/cloud-security-whitepaper.jpg 1200w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/cloud-security-whitepaper-300x169.jpg 300w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/cloud-security-whitepaper-768x432.jpg 768w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/cloud-security-whitepaper-600x338.jpg 600w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/cloud-security-whitepaper-1170x658.jpg 1170w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/cloud-security-whitepaper-800x450.jpg 800w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" \/><\/div>  <div class=\"eut-content eut-align-left\"><h5>Cloud security<\/h5>  <p>It refers to the technology, policies, and processes used to mitigate the security risks of cloud computing (public, private, or hybrid clouds).<\/p>  <\/div><\/div>[vc_column_text]In general, the provider is responsible for the security \u201cof\u201d the cloud (underlying infrastructure) and\u00a0 the cloud consumer (the organization) is responsible for the security \u201cin\u201d the cloud (data and management).<\/p>\n<p>Solutions to consider for securing the cloud are: 1) <strong><a href=\"https:\/\/www.skyhighsecurity.com\/en-us\/cybersecurity-defined\/what-is-a-casb.html\">cloud access security broker<\/a> <\/strong>(CASB); 2) <a href=\"https:\/\/www.onelogin.com\/learn\/iam\"><strong>identity and access management <\/strong><\/a>(IAM), and 3) <a href=\"https:\/\/www.onelogin.com\/learn\/what-is-mfa\"><strong>multifactor authentication<\/strong><\/a>.[\/vc_column_text]<div class=\"eut-element eut-image-text\" style=\"\"><div class=\"eut-image\"><img width=\"600\" height=\"400\" src=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/application-security-basics.webp\" class=\"attachment-full size-full\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/application-security-basics.webp 600w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/application-security-basics-300x200.webp 300w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/div>  <div class=\"eut-content eut-align-left\"><h5>Application security<\/h5>  <p>Although being a major focus for developers, it goes beyond the development and design process. Organizations need to continuously ensure that applications they have deployed remain secure throughout their lifecycle.<\/p>  <\/div><\/div>[vc_column_text]These are some of the practices and solutions to consider for this type of cybersecurity: 1) <a href=\"https:\/\/www.cledara.com\/saas-management\"><strong>SaaS management<\/strong><\/a>; 2) <strong>r<\/strong><strong>isk ass<\/strong><strong>essment and patching<\/strong>, and 3)<a href=\"https:\/\/www.citrix.com\/solutions\/secure-access\/what-is-access-control.html\"><strong> a<\/strong><strong>ccess controls<\/strong><\/a>.[\/vc_column_text]<div class=\"eut-element eut-image-text\" style=\"\"><div class=\"eut-image\"><img width=\"1300\" height=\"897\" src=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/internet-security-system.webp\" class=\"attachment-full size-full\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/internet-security-system.webp 1300w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/internet-security-system-300x207.webp 300w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/internet-security-system-1200x828.webp 1200w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/internet-security-system-768x530.webp 768w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/internet-security-system-600x414.webp 600w\" sizes=\"(max-width: 1300px) 100vw, 1300px\" \/><\/div>  <div class=\"eut-content eut-align-left\"><h5>Internet security<\/h5>  <p>Internet-borne threats are behind the majority of data breaches. Although other types of cybersecurity help defend against internet threats, the prevalence and magnitude of these threats warrant placing internet security into its own category.<\/p>  <\/div><\/div>[vc_column_text]To protect organizations against internet threats, some of the cybersecurity measures to consider include: 1)\u00a0<a href=\"https:\/\/www.infoblox.com\/dns-security-resource-center\/dns-security-faq\/what-is-dns-protection\/\"><strong>DNS-layer protection<\/strong><\/a>; 2) <a href=\"https:\/\/www.fortinet.com\/resources\/cyberglossary\/email-security\"><strong>email security<\/strong><\/a>, and 3) <a href=\"https:\/\/www.paloaltonetworks.com\/cyberpedia\/what-is-url-filtering\"><strong>URL filtering<\/strong><\/a>.[\/vc_column_text][\/vc_tta_section][vc_tta_section title=&#8221;Top 6 cybersecurity trends in Healthcare&#8221; tab_id=&#8221;1652262207169-89599ae9-86e7&#8243;][vc_column_text]In 2022, cyber-threats against the healthcare industry will likely continue. To be secure, medical device manufacturers and healthcare providers will need to <strong>go beyond defensive cybersecurity strategies<\/strong> and incorporate cyber resiliency.<\/p>\n<p>As more healthcare organizations are aware of the importance of implementing tools and strategies in terms of cybersecurity, the following <strong>cybersecurity trends<\/strong> are expected to emerge.[\/vc_column_text]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Trend 1: Prevention begins with endpoint education<\/span><\/h5>[vc_column_text]\n<ul>\n<li>Employees are on the front line of defense against cyberattacks, since endpoint security systems can fail to capture all threats. This means that\u00a0<strong>cyber risk education is vital<\/strong>.<\/li>\n<li>Since endpoints are the weakest link in a clinical setting, healthcare organizations would benefit of having rigorous and\u00a0<strong>effective endpoint security<\/strong>\u00a0measures.<\/li>\n<li>All healthcare organizations should seek ongoing\u00a0<strong>training programmes for data privacy, protection, and cybersecurity<\/strong>, and aimed to different categories of staff (IT-personnel, medical personnel, and decision-makers).<\/li>\n<\/ul>\n[\/vc_column_text]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Trend 2: Multi-factor authentication uptake is on the rise<\/span><\/h5>[vc_column_text]\n<ul>\n<li>Multi-factor authentication adds a\u00a0<strong>layer of security<\/strong>\u00a0for the environment, and it is\u00a0<strong>widely valued in healthcare settings<\/strong>\u00a0and its adoption continues to rise.<\/li>\n<li>By working with security providers, healthcare organizations can facilitate the implementation of two-factor\u00a0<strong>authentication at a low cost<\/strong>\u00a0as well as its\u00a0<strong>integration with internal systems<\/strong>.<\/li>\n<li><strong>Enabling two-factor authentication has become key<\/strong>\u00a0for healthcare providers as they look to protect patient data from unauthorized access and tampering.<\/li>\n<\/ul>\n[\/vc_column_text]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Trend 3: Biometrics<\/span><\/h5>[vc_column_text]\n<ul>\n<li>Biometrics allows to <strong>identify and authenticate individuals<\/strong> in a <strong>fast and reliable way<\/strong>, through the use of unique biological characteristics. This technology is being explored by more advanced healthcare organizations.<\/li>\n<li>It is expected that the <strong>use of biometrics<\/strong> in healthcare organizations<strong> will grow over the next three to five years<\/strong>, as a way to offer extra cybersecurity layers, control identity management and access.<\/li>\n<li>The main <strong>barrier<\/strong> to implementing <strong>biometric measures for patients<\/strong> remains privacy and security. Thus, biometric measures are currently limited to clinical staff.<\/li>\n<\/ul>\n[\/vc_column_text]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Trend 4: Network segmentation reinforces providers' security<\/span><\/h5>[vc_column_text]\n<ul>\n<li>Network segmentation involves separating each network and making it visible only to those who have the right to access it. It represents a <strong>way to control <\/strong>levels of <strong>access to sensitive data<\/strong>.<\/li>\n<li>It can limit access to medical data and <strong>ensure compliance<\/strong> with regulations.<\/li>\n<li>Moreover, network segmentation can help <strong>restrict the movement of the threat<\/strong> across the networks.<\/li>\n<\/ul>\n[\/vc_column_text]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Trend 5: Real-time analytics detect advanced threats<\/span><\/h5>[vc_column_text]\n<ul>\n<li>While healthcare providers already apply <strong>analytics<\/strong> to some extent to <strong>improve population health management<\/strong> and <strong>clinical efficiency<\/strong>, it has not yet been used to reinforce the security position of companies and organizations.<\/li>\n<li><strong>Behavioral analysis<\/strong> is a niche technique within the healthcare sector; in other industries, it has already proven to be effective against outsider and insider threats by detecting abnormal activities.<\/li>\n<li>Real-time analytics are considered <strong>more powerful<\/strong>, as legacy security information and event management Systems are no longer well-placed to detect advanced threats.<\/li>\n<\/ul>\n[\/vc_column_text]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Trend 6: Push for increasing medical device cybersecurity regulations<\/span><\/h5>[vc_column_text]\n<ul>\n<li>Novel medical devices are increasing in connectedness to the Internet, and can receive data, send data, or both. The use of these <strong>connected devices<\/strong> brings the<strong> risk for hacking<\/strong> directly to patients.<\/li>\n<li>The EU has recently initiated the GDPR and published <strong>cybersecurity recommendations<\/strong> for medical device industry. Similarly, the FDA has issued two guidance documents for medical device manufacturers.<\/li>\n<li>More <strong>stringent regulations and guidelines<\/strong> are crucial to encourage manufacturers to incorporate cybersecurity as a core component of device development.<\/li>\n<\/ul>\n[\/vc_column_text][\/vc_tta_section][vc_tta_section title=&#8221;Measures to ensure cybersecurity&#8221; tab_id=&#8221;1652262316438-1ac4fda2-76e4&#8243;]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>EU measures<\/span><\/h5><h6 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>The NIS2 Directive<\/span><\/h6>[vc_column_text]The Network and Information Security (<a href=\"https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32016L1148&amp;from=EN\">NIS<\/a>) Directive is the first piece of EU-wide legislation on cybersecurity, and its specific aim was to achieve a high common level of cybersecurity across the Member States. While it increased the Member States&#8217; cybersecurity capabilities, its implementation proved difficult, resulting in <strong>fragmentation at different levels<\/strong> across the internal market.<\/p>\n<p>To respond to the <strong>growing threats posed with digitalisation<\/strong> and <strong>the<\/strong> <strong>surge in cyber-attacks<\/strong>, the Commission has submitted the <a href=\"https:\/\/www.europarl.europa.eu\/RegData\/etudes\/BRIE\/2021\/689333\/EPRS_BRI(2021)689333_EN.pdf\">NIS2<\/a> to replace the NIS Directive and thereby strengthen the security requirements, address the security of supply chains, streamline reporting obligations, and introduce more stringent supervisory measures and stricter enforcement requirements, including harmonised sanctions across the EU.[\/vc_column_text]<h6 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Medical Device Regulation 745\/2017 (MDR) and In Vitro Diagnostic Regulation 746\/2017 (IVDR)<\/span><\/h6>[vc_column_text]Approved on May 25 2017, <a href=\"https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32017R0745\">MDR<\/a> and <a href=\"https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32017R0746&amp;from=EN\">IVDR<\/a> establish relevant <strong>guidelines in relation to medical devices incorporating information systems<\/strong>. They place <strong>cybersecurity<\/strong> as an aspect to be taken into account throughout the entire <strong>lifecycle of devices<\/strong>, from the design and manufacturing processes to their withdrawal.<\/p>\n<p>Thus, manufacturers are responsible for developing and manufacturing medical devices in accordance with the state of the art, the principles of risk management and best practices in cybersecurity. Health centres must adapt their processes to comply with these best practices. The two regulations also establish the obligation to obtain a certificate (<strong>CE marking<\/strong>) and follow the <strong>cybersecurity requirements<\/strong>\u00a0to be able to supply devices to member states.[\/vc_column_text]<h6 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>General Data Protection Regulation (GDPR)<\/span><\/h6>[vc_column_text]Approved by the European Parliament on April 14 2016, it came into effect on May 25 2018. <a href=\"https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32016R0679\">GDPR<\/a> sought to <strong>protect and empower EU citizen data privacy<\/strong> and enforce structural changes in the way that organizations approach customer data privacy and protection.<\/p>\n<p>To align with GDPR regulations, health systems have had to make operational and technological advancements. Under GDPR, non-compliant organizations could suffer fines of 4% of their annual turnover or \u20ac20M ($26M).[\/vc_column_text]<h5 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>National measures<\/span><\/h5><h6 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Esquema Nacional de Seguridad (ENS)<\/span><\/h6>[vc_column_text]The <a href=\"https:\/\/ens.ccn.cni.es\/es\/esquema-nacional-de-seguridad-ens\/ens-infografias\">ENS<\/a> establishes the principles that regulate and ensure<strong> the access, integrity, availability and truthfulness of the information used in electronic media<\/strong> in or related to Public Administrations (state, regional and local). The regulation has undergone constant evolution since its first development in 2010 (royal decree 3\/2010, 951\/2015 and 311\/2022).<\/p>\n<p>The ENS is the result of the work of <em>Ministerio de la Presidencia<\/em> and later of <em>Ministerio de Pol\u00edtica Territorial<\/em> and <em>Administraci\u00f3n P\u00fablica<\/em>, with the support of\u00a0<a href=\"https:\/\/www.ccn-cert.cni.es\/\"><i>Centro Criptol\u00f3gico Nacional<\/i><\/a> (CNN) and the participation of all Public Administrations.[\/vc_column_text]<h6 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Ley Org\u00e1nica de Protecci\u00f3n de Datos Personales y garant\u00eda de los derechos digitales (LOPD-GDD)<\/span><\/h6>[vc_column_text]Approved on October 18 2018, <a href=\"https:\/\/www.boe.es\/buscar\/pdf\/2018\/BOE-A-2018-16673-consolidado.pdf\">LOPD-GDD<\/a> adapts Spanish law to the model established by GDPR. Its purpose is to <strong>protect the intimacy, privacy and integrity of the individual<\/strong>, in compliance with article 18.4 of the Spanish Constitution. In the same way, it regulates the obligations of the individual in all data transfer processes to guarantee the security of the exchange.<\/p>\n<p>LOPD-GDD establishes many changes with respect to the previous <em>Ley de Protecci\u00f3n de datos<\/em> (1999), modifying the requirements to obtain information, save it or share it, and establishes changes in relation to the treatment of user data on the Internet.[\/vc_column_text]<h6 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>ISO\/IEC 27000<\/span><\/h6>[vc_column_text]ISO 27000 is a standard that defines how an Information Security Management System should be implemented in a company or organization.<\/p>\n<p>Its implementation offers organizations (public and private) the advantage of protecting their information in the most reliable way, pursuing three main objectives: 1) <strong>preserve the confidentiality<\/strong> of the data; 2) <strong>preserve the integrity<\/strong> of the data, and 3) <strong>availability of protected information<\/strong>.[\/vc_column_text][\/vc_tta_section][vc_tta_section title=&#8221;Global Healthcare cybersecurity market size&#8221; tab_id=&#8221;1652262348764-3e22fe57-965c&#8221;][vc_column_text]Healthcare systems face numerous threats from cyber-attacks as detailed above, and hospitals are spending huge money to prepare firewalls and protect their patients\u2019 data.<\/p>\n<p>The<strong> global healthcare cybersecurity market was valued at $12.85 billion in 2020<\/strong>, and is projected to reach $57.25 billion by 2030, growing at a CAGR of 16.3% during the forecast period.[\/vc_column_text]<div class=\"eut-element eut-image-text\" style=\"\"><div class=\"eut-image\"><img width=\"2560\" height=\"1707\" src=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/mathieu-stern-1zO4O3Z0UJA-unsplash-scaled.jpg\" class=\"attachment-full size-full\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/mathieu-stern-1zO4O3Z0UJA-unsplash-scaled.jpg 2560w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/mathieu-stern-1zO4O3Z0UJA-unsplash-300x200.jpg 300w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/mathieu-stern-1zO4O3Z0UJA-unsplash-1200x800.jpg 1200w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/mathieu-stern-1zO4O3Z0UJA-unsplash-768x512.jpg 768w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/mathieu-stern-1zO4O3Z0UJA-unsplash-600x400.jpg 600w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/mathieu-stern-1zO4O3Z0UJA-unsplash-1536x1024.jpg 1536w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/mathieu-stern-1zO4O3Z0UJA-unsplash-1920x1280.jpg 1920w\" sizes=\"(max-width: 2560px) 100vw, 2560px\" \/><\/div>  <div class=\"eut-content eut-align-left\"><h6>Market drivers<\/h6>  <p>Increased number of cyber-attacks and rise in demand for cloud services propel the growth of the global healthcare cyber security industry. <\/p>  <\/div><\/div>[vc_column_text]Moreover, regulatory and government policies encouraging improvement in the security standards of the healthcare industry positively impact the growth of the healthcare cyber security market growth.<\/p>\n[\/vc_column_text]<div class=\"eut-element eut-image-text\" style=\"\"><div class=\"eut-image\"><img width=\"650\" height=\"488\" src=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/1.webp\" class=\"attachment-full size-full\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/1.webp 650w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/1-300x225.webp 300w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/1-600x450.webp 600w\" sizes=\"(max-width: 650px) 100vw, 650px\" \/><\/div>  <div class=\"eut-content eut-align-left\"><h6>Market by type of attack<\/h6>  <p>The ransomware segment had the most substantial growth in the market in 2020. Increasing data breaches caused by using this software are attributed to this development. <\/p>  <\/div><\/div><div class=\"eut-element eut-image-text\" style=\"\"><div class=\"eut-image\"><img width=\"766\" height=\"466\" src=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/Cybersecurity.jpeg\" class=\"attachment-full size-full\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/Cybersecurity.jpeg 766w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/Cybersecurity-300x183.jpeg 300w, https:\/\/www.tauli.cat\/institut\/wp-content\/uploads\/2022\/05\/Cybersecurity-600x365.jpeg 600w\" sizes=\"(max-width: 766px) 100vw, 766px\" \/><\/div>  <div class=\"eut-content eut-align-left\"><h6>Market by type of cybersecurity<\/h6>  <p>The network security segment dominated the market share in 2020, and is expected to continue this trend.<\/p>  <\/div><\/div>[vc_column_text]However, the application security segment is expected to witness highest growth in the upcoming years, as the healthcare sector has inclined toward application security solutions to safeguard their data.[\/vc_column_text][\/vc_tta_section][vc_tta_section title=&#8221;Players&#8221; tab_id=&#8221;1652262387542-c60c8d74-86c9&#8243;][vc_column_text]In this section, the <strong>major technology areas<\/strong> that make up the cybersecurity sector are detailed, as well as the <strong>leading players<\/strong>.[\/vc_column_text]<h6 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Security operations centers<\/span><\/h6>[vc_single_image image=&#8221;8326&#8243; img_size=&#8221;large&#8221; add_caption=&#8221;yes&#8221; alignment=&#8221;center&#8221;]<h6 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Security engineering<\/span><\/h6>[vc_single_image image=&#8221;8330&#8243; img_size=&#8221;large&#8221; add_caption=&#8221;yes&#8221; alignment=&#8221;center&#8221;]<h6 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Device security<\/span><\/h6>[vc_single_image image=&#8221;8332&#8243; img_size=&#8221;large&#8221; add_caption=&#8221;yes&#8221; alignment=&#8221;center&#8221;]<h6 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>User and identity<\/span><\/h6>[vc_single_image image=&#8221;8334&#8243; img_size=&#8221;large&#8221; add_caption=&#8221;yes&#8221; alignment=&#8221;center&#8221;]<h6 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Global risk and compliance<\/span><\/h6>[vc_single_image image=&#8221;8336&#8243; img_size=&#8221;large&#8221; add_caption=&#8221;yes&#8221; alignment=&#8221;center&#8221;]<h6 class=\"eut-element eut-align-left eut-title-no-line\" style=\"\"><span>Security services<\/span><\/h6>[vc_single_image image=&#8221;8338&#8243; img_size=&#8221;large&#8221; add_caption=&#8221;yes&#8221; alignment=&#8221;center&#8221;][\/vc_tta_section][\/vc_tta_accordion][\/vc_column][\/vc_row]\n<\/div>","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"excerpt":{"rendered":"<p>[vc_row][vc_column][vc_column_text]Over the last years, hospitals and health systems have increasingly embraced digital technologies, such as cloud, Big Data, Internet of Things (IoT), remote monitoring, and more, to offer the best patient care. However, as more digital technologies are adopted, the risk of cyberattack potentially increases.<\/p>\n","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"author":18,"featured_media":7936,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[7],"tags":[],"gt_translate_keys":[{"key":"link","format":"url"}],"_links":{"self":[{"href":"https:\/\/www.tauli.cat\/institut\/wp-json\/wp\/v2\/posts\/7930"}],"collection":[{"href":"https:\/\/www.tauli.cat\/institut\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tauli.cat\/institut\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tauli.cat\/institut\/wp-json\/wp\/v2\/users\/18"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tauli.cat\/institut\/wp-json\/wp\/v2\/comments?post=7930"}],"version-history":[{"count":199,"href":"https:\/\/www.tauli.cat\/institut\/wp-json\/wp\/v2\/posts\/7930\/revisions"}],"predecessor-version":[{"id":8426,"href":"https:\/\/www.tauli.cat\/institut\/wp-json\/wp\/v2\/posts\/7930\/revisions\/8426"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tauli.cat\/institut\/wp-json\/wp\/v2\/media\/7936"}],"wp:attachment":[{"href":"https:\/\/www.tauli.cat\/institut\/wp-json\/wp\/v2\/media?parent=7930"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tauli.cat\/institut\/wp-json\/wp\/v2\/categories?post=7930"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tauli.cat\/institut\/wp-json\/wp\/v2\/tags?post=7930"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}