Abstract
As technology has become more prevalent in today’s society, the need for strong cybersecurity in all aspects of software and hardware has grown exponentially. Every software tool attempts to give as much information as possible on how to prevent cyberattacks, but the best way to fix these attacks would be to solidify the security that exists within the software itself. The technical project focuses on creating a method (Microsoft Sentinel) to alert companies to security threats within their technology, allowing them to find attacks as they are happening and fix holes in the software that allow these hacks. While this technical project is helpful to major companies, a large amount of cybersecurity attacks and data leaks happen in very specific devices, which need to be analyzed in depth for a better cybersecurity fix. This leads into the STS research project, which finds methods of improving cybersecurity in a specific wearable healthcare technology, the smartwatch. The analysis from the STS research project gives more information that can be used in a future technical project of preventing cyberattacks.
Microsoft Sentinel, a cloud-native solution for providing security information and event management, created a new Upload Indicators API to replace its inefficient preexisting one that could only handle one indicator per request. The new API allowed customers to send multiple indicators per request, improved performance, and streamlined the authorization process, but needed the creation of a new data connector and sample code for public usage. To produce the tools for the API, the agreed-upon solution utilized a codeless connector format within Microsoft that consisted of an ARM template, and an object-oriented python project that connected to a MISP Server and the new API to upload and download indicators. The project successfully created both the data connector and sample code and allowed for the production of documentation (both internal and external) for future use of both products. In the future, it is expected that unit tests would be created for the sample code to permit customers to do additional testing, as well as increase the visibility of the data connector for other teams within the company to use for their own endeavors.
The average smartwatch tracks location, heart rate, sleep patterns, and other privileged data about a user. In recent years, there have been hacks on smartwatch databases that store over 60 million consumers records collectively. This STS research aims to find methods to improve cybersecurity in smartwatches. As such, the research question is “How can cybersecurity in the wearable healthcare technology of smartwatches be improved?” The STS framework used to support this research question is Actor-Network Theory. This framework views anything that can cause results as an actor and connects these actors to build a network of relationships that can be used to understand the intricacies of the attachments involved in the network of cybersecurity in healthcare technology. While this is something that has not been researched much in the past, this paper aims to find possible solutions to the cybersecurity issues that occur with smartwatches. This research would be significant to the field of Engineering, as a smartwatch is a more recent piece of technology built by engineers. This research also has a significance in STS, as it aims to prevent attackers from hacking smartwatch users, leaning into the ethics of STS from both a cultural and social context.
Both the Microsoft Sentinel project and the improvement of cybersecurity in wearable healthcare technology project demonstrate the STS goals of creating beneficial technology for society. Doing these projects at the same time had benefits for the STS research paper. Without the Microsoft Sentinel technical project, there would not have been as much of a motivation for the research into the STS paper. While working on the project, the team found many different cyberattacks at any given time, showing first-hand proof of how important cybersecurity is. This fueled the motivation for an insightful research paper that could find solutions to these cybersecurity issues, leading to the paper that was written.
