Kompetenzorientierte und stellenspezifische IT-Sicherheit für MitarbeiterInnen in Krankenhäusern

Partners: Chair of Information Security and Compliance - University of Goettingen (Project Lead), Chair of Inter-organizational Systems - University of Goettingen, Universitätsklinikum Göttingen, University of Hohenheim

Funding Body: Federal Ministry of Health (BMG, Bundesministerium für Gesundheit)

Project Duration: 12/2021 - 11/2024

Currently, numerous cases of professional cyber attacks on critical infrastructure, e.g. by the extortion software "Emotet", illustrate the shortcomings and vulnerability of German hospitals. Hospital employees often represent the central gateway for cyber attacks. Their targeted qualification through employee-centric ITS measures is therefore of particular relevance. The central question of the KISK project is how established methods of professional competence modeling and measurement can and should be used to efficiently and sustainably improve employee-related information security (ITS) in hospitals. On the one hand, the project aims to identify security-related training needs of employees in hospitals. On the other hand, the objective is to develop suited ITS training offers which impact security-related behavior of all kinds of employees in hospitals.