Protecting Healthcare from Cyber Threats: Integrating Behavioral Insights into Cybersecurity Strategies

Abstract

Cybersecurity breaches in healthcare often stem from human-factor vulnerabilities such as phishing, social engineering and policy non-compliance. Despite evolving technical defenses, behavioral risk remains a critical gap. This study uses Protection Motivation Theory (PMT) to examine how healthcare cybersecurity professionals perceive and address these threats. Semi-structured interviews with ten professionals revealed five themes: (1) tension between clinical workflows and security, (2) limited impact of generic training, (3) policy inconsistencies among leadership, (4) value of mentorship and IT presence and; (5) need for behavioral design in policies and technology. Findings suggest healthcare cybersecurity must prioritize human-centered design, participatory policy-making and adaptive interventions, offering practical insights to bolster cyber resilience.