Date of Conferral

3-6-2024

Date of Award

March 2024

Degree

Doctor of Information Technology (D.I.T.)

School

Information Systems and Technology

Advisor

Donald Carpenter

Abstract

Healthcare organizations’ (HCOs’) information systems (IS) are prone to increasing ransomware cyberattacks. For HCO information technology (IT) leaders, protecting IS from ransomware attacks is vital because these systems manage large amounts of confidential and sensitive data. Grounded in general systems theory, the purpose of this qualitative pragmatic inquiry study was to explore strategies used by IT leaders in HCOs to protect IS from ransomware attacks. Participants included eight IT leaders from HCOs in the United States responsible for IS protection against ransomware cyberattacks. Data sources included semistructured interviews conducted with the participants via videoconferencing, the researcher’s field notes, and 10 online industry documents. Data were analyzed using a thematic analysis; three themes emerged: (a) implement and align technical defense practices with protective technology tools; (b) assess and align security planning elements such as governance, procedures, and policies; and (c) monitor and measure human security elements such as security training and security awareness. IT leaders should implement robust security policies and procedures with proper planning skills aligned with organizational training and awareness plans. The implications for positive social change include the potential to increase security standards that help protect HCOs, thus providing better protection for health IS and personally identifiable patient information.

Download

Share

 
COinS