Security is caring: improving cybersecurity culture in healthcare
“We need to move people from simply knowing what they should do to wanting to do it and to be motivated to be cyber secure.”
- Healthcare organisations need to mature their approach to cyber security behaviours. Unfortunately, in healthcare, prioritisation seems to be on patient care, not on cyber security. Moreover, even if cyber security was employed, it’s compliance-focused, which focus on GDPR rather than cyber security as a whole.
- This needs to be improved because the healthcare sector is increasingly being targeted (e.g., WannaCry & COVID-19 discount). Besides, policy and awareness training itself is not enough to provide behaviour and culture change. A holistic and co-creative approach could help address these issues and provide long-term sustainable culture change in healthcare. For example, getting all stakeholders on board and refocusing their thinking away from cybersecurity simply for compliance and towards seeing it as an issue of patient protection and privacy.
More about Lynne
Professor Lynne Coventry leads an interdisciplinary research theme – human and digital design. She is an interdisciplinary researcher who investigates the relationship between design and human behaviour. She is particularly interested in inclusive privacy and security, exploring how the biggest security issues exist at the intersection of communities, disciplines, technology and policies.