The eHealth sector in Portugal faces significant cybersecurity challenges, including increasing cyber threats and vulnerabilities, inadequate cybersecurity measures, and a short-age of skilled cybersecurity professionals. The importance of addressing these challenges has been emphasised by the European Union’s Network and Information Systems (NIS) Directive, which aims to ensure a high common level of cybersecurity across the EU by requiring Member States to adopt national cybersecurity measures and cooperate on incident response. In response to these challenges, we propose in this work, a project capable of improving the cybersecurity posture of eHealth systems in Portugal. The project proposes a novel approach to establishing connections with various organisations, including the national CERT.PT and PANORAMA, for incident response and information sharing. The tasks involved in the project include risk assessment, penetration testing, skills gap analysis, training, incident notification and communication, and controls implementation. By implementing these tasks, the project has the potential to improve the incident response capabilities and overall cybersecurity posture of eHealth systems. © 2023 IEEE.
Add the full text or supplementary notes for the publication here using Markdown formatting.