Situation critical: intensive cybersecurity care needed

Lynne Coventry; Elizabeth Sillence; Richard Brown; Dawn Branley-Bell; Pasquale Mari; Caruso Saverio; Alessandra Casaroli; Fabio Rizzoni; Sabina Magalini

doi:10.1007/978-3-031-83072-3_6

Situation critical: intensive cybersecurity care needed

Lynne Coventry^*, Elizabeth Sillence, Richard Brown, Dawn Branley-Bell, Pasquale Mari, Caruso Saverio, Alessandra Casaroli, Fabio Rizzoni, Sabina Magalini

^*Corresponding author for this work

Department of Cybersecurity and Computing

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

15 Downloads (Pure)

Abstract

Healthcare organisations are increasingly targeted by cybercriminals. Such attacks are not just an attack on data but on this critical infrastructure – putting lives at risk. They face multiple challenges in maintaining their cybersecurity, including the technology infrastructure in use, the heterogeneity of healthcare and admin staff and the IT and cybersecurity skills within the organization.

This paper focuses on healthcare and admin staff within a single hospital in Italy. The study sought to understand the differences in perceptions of culture between different staff groups and the overall relationship between these perceptions and behaviours.

The methodology consisted of a cultural, behavioural and data use questionnaire, translated into Italian and distributed to doctors, nurses and administrators.

Linear regression models suggest that security culture significantly predicts how important and achievable staff perceive cybersecurity behaviours to be. Further analyses found significant differences between the doctors and other staff groups. Doctors reported a significantly more negative perception of cybersecurity culture. They also perceived cybersecurity behaviours to be significantly less important and less achievable than the other two groups. Doctors were also most likely to copy and access patient data outside of the institution, albeit for benign or patient centered reasons.

Overall, in terms of cybersecurity, doctors were the least compliant staff group – albeit with the best of intentions (i.e., focus upon patient care). These data, alongside other research, suggest that healthcare staff focus on delivering patient care and see cybersecurity as interfering with, rather than facilitating, their clinical practice. There is a need for change to ensure that cybersecurity measures are appropriate, work within the clinical workflow and staff accept cybersecurity as crucial to protecting patients.

Original language	English
Title of host publication	Socio-Technical Aspects in Security
Subtitle of host publication	12th International Workshop, STAST 2022, Copenhagen, Denmark, September 29, 2022, Revised Selected Papers
Editors	Maryam Mehrnezhad, Simon Parkin
Place of Publication	Cham
Publisher	Springer
Pages	93–112
Number of pages	20
ISBN (Electronic)	9783031830723
ISBN (Print)	9783031830716
DOIs	https://doi.org/10.1007/978-3-031-83072-3_6
Publication status	Published - 13 Mar 2025
Event	12th International Workshop on Socio-Technical Aspects in Security - Copenhagen, Denmark Duration: 29 Sept 2022 → 29 Sept 2022 Conference number: 12th https://stast.uni.lu/2022/

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	13855
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	12th International Workshop on Socio-Technical Aspects in Security
Abbreviated title	STAST 2022
Country/Territory	Denmark
City	Copenhagen
Period	29/09/22 → 29/09/22
Internet address	https://stast.uni.lu/2022/

Keywords

Cybersecurity
Culture
Perception
Behaviours

Access to Document

10.1007/978-3-031-83072-3_6Licence: CC BY

Coventry_SituationCritical_Published_2025Final published version, 906 KBLicence: CC BY

Cite this

Coventry, L., Sillence, E., Brown, R., Branley-Bell, D., Mari, P., Saverio, C., Casaroli, A., Rizzoni, F., & Magalini, S. (2025). Situation critical: intensive cybersecurity care needed. In M. Mehrnezhad, & S. Parkin (Eds.), Socio-Technical Aspects in Security: 12th International Workshop, STAST 2022, Copenhagen, Denmark, September 29, 2022, Revised Selected Papers (pp. 93–112). (Lecture Notes in Computer Science; Vol. 13855). Springer. https://doi.org/10.1007/978-3-031-83072-3_6

Coventry, Lynne ; Sillence, Elizabeth ; Brown, Richard et al. / Situation critical : intensive cybersecurity care needed. Socio-Technical Aspects in Security: 12th International Workshop, STAST 2022, Copenhagen, Denmark, September 29, 2022, Revised Selected Papers. editor / Maryam Mehrnezhad ; Simon Parkin. Cham : Springer, 2025. pp. 93–112 (Lecture Notes in Computer Science).

@inproceedings{64bf2a157f824e4aa47b759942064727,

title = "Situation critical: intensive cybersecurity care needed",

abstract = "Healthcare organisations are increasingly targeted by cybercriminals. Such attacks are not just an attack on data but on this critical infrastructure – putting lives at risk. They face multiple challenges in maintaining their cybersecurity, including the technology infrastructure in use, the heterogeneity of healthcare and admin staff and the IT and cybersecurity skills within the organization. This paper focuses on healthcare and admin staff within a single hospital in Italy. The study sought to understand the differences in perceptions of culture between different staff groups and the overall relationship between these perceptions and behaviours. The methodology consisted of a cultural, behavioural and data use questionnaire, translated into Italian and distributed to doctors, nurses and administrators. Linear regression models suggest that security culture significantly predicts how important and achievable staff perceive cybersecurity behaviours to be. Further analyses found significant differences between the doctors and other staff groups. Doctors reported a significantly more negative perception of cybersecurity culture. They also perceived cybersecurity behaviours to be significantly less important and less achievable than the other two groups. Doctors were also most likely to copy and access patient data outside of the institution, albeit for benign or patient centered reasons. Overall, in terms of cybersecurity, doctors were the least compliant staff group – albeit with the best of intentions (i.e., focus upon patient care). These data, alongside other research, suggest that healthcare staff focus on delivering patient care and see cybersecurity as interfering with, rather than facilitating, their clinical practice. There is a need for change to ensure that cybersecurity measures are appropriate, work within the clinical workflow and staff accept cybersecurity as crucial to protecting patients.",

author = "Lynne Coventry and Elizabeth Sillence and Richard Brown and Dawn Branley-Bell and Pasquale Mari and Caruso Saverio and Alessandra Casaroli and Fabio Rizzoni and Sabina Magalini",

note = "{\textcopyright} 2025 The Author(s) This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made. Data availability statement: Not present.; 12th International Workshop on Socio-Technical Aspects in Security, STAST 2022 ; Conference date: 29-09-2022 Through 29-09-2022",

year = "2025",

month = mar,

day = "13",

doi = "10.1007/978-3-031-83072-3\_6",

language = "English",

isbn = "9783031830716",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "93–112",

editor = "Maryam Mehrnezhad and Simon Parkin",

booktitle = "Socio-Technical Aspects in Security",

url = "https://stast.uni.lu/2022/",

}

Coventry, L, Sillence, E, Brown, R, Branley-Bell, D, Mari, P, Saverio, C, Casaroli, A, Rizzoni, F & Magalini, S 2025, Situation critical: intensive cybersecurity care needed. in M Mehrnezhad & S Parkin (eds), Socio-Technical Aspects in Security: 12th International Workshop, STAST 2022, Copenhagen, Denmark, September 29, 2022, Revised Selected Papers. Lecture Notes in Computer Science, vol. 13855, Springer, Cham, pp. 93–112, 12th International Workshop on Socio-Technical Aspects in Security, Copenhagen, Denmark, 29/09/22. https://doi.org/10.1007/978-3-031-83072-3_6

Situation critical: intensive cybersecurity care needed. / Coventry, Lynne; Sillence, Elizabeth; Brown, Richard et al.
Socio-Technical Aspects in Security: 12th International Workshop, STAST 2022, Copenhagen, Denmark, September 29, 2022, Revised Selected Papers. ed. / Maryam Mehrnezhad; Simon Parkin. Cham: Springer, 2025. p. 93–112 (Lecture Notes in Computer Science; Vol. 13855).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Situation critical

T2 - 12th International Workshop on Socio-Technical Aspects in Security

AU - Coventry, Lynne

AU - Sillence, Elizabeth

AU - Brown, Richard

AU - Branley-Bell, Dawn

AU - Mari, Pasquale

AU - Saverio, Caruso

AU - Casaroli, Alessandra

AU - Rizzoni, Fabio

AU - Magalini, Sabina

N1 - Conference code: 12th

PY - 2025/3/13

Y1 - 2025/3/13

N2 - Healthcare organisations are increasingly targeted by cybercriminals. Such attacks are not just an attack on data but on this critical infrastructure – putting lives at risk. They face multiple challenges in maintaining their cybersecurity, including the technology infrastructure in use, the heterogeneity of healthcare and admin staff and the IT and cybersecurity skills within the organization. This paper focuses on healthcare and admin staff within a single hospital in Italy. The study sought to understand the differences in perceptions of culture between different staff groups and the overall relationship between these perceptions and behaviours. The methodology consisted of a cultural, behavioural and data use questionnaire, translated into Italian and distributed to doctors, nurses and administrators. Linear regression models suggest that security culture significantly predicts how important and achievable staff perceive cybersecurity behaviours to be. Further analyses found significant differences between the doctors and other staff groups. Doctors reported a significantly more negative perception of cybersecurity culture. They also perceived cybersecurity behaviours to be significantly less important and less achievable than the other two groups. Doctors were also most likely to copy and access patient data outside of the institution, albeit for benign or patient centered reasons. Overall, in terms of cybersecurity, doctors were the least compliant staff group – albeit with the best of intentions (i.e., focus upon patient care). These data, alongside other research, suggest that healthcare staff focus on delivering patient care and see cybersecurity as interfering with, rather than facilitating, their clinical practice. There is a need for change to ensure that cybersecurity measures are appropriate, work within the clinical workflow and staff accept cybersecurity as crucial to protecting patients.

AB - Healthcare organisations are increasingly targeted by cybercriminals. Such attacks are not just an attack on data but on this critical infrastructure – putting lives at risk. They face multiple challenges in maintaining their cybersecurity, including the technology infrastructure in use, the heterogeneity of healthcare and admin staff and the IT and cybersecurity skills within the organization. This paper focuses on healthcare and admin staff within a single hospital in Italy. The study sought to understand the differences in perceptions of culture between different staff groups and the overall relationship between these perceptions and behaviours. The methodology consisted of a cultural, behavioural and data use questionnaire, translated into Italian and distributed to doctors, nurses and administrators. Linear regression models suggest that security culture significantly predicts how important and achievable staff perceive cybersecurity behaviours to be. Further analyses found significant differences between the doctors and other staff groups. Doctors reported a significantly more negative perception of cybersecurity culture. They also perceived cybersecurity behaviours to be significantly less important and less achievable than the other two groups. Doctors were also most likely to copy and access patient data outside of the institution, albeit for benign or patient centered reasons. Overall, in terms of cybersecurity, doctors were the least compliant staff group – albeit with the best of intentions (i.e., focus upon patient care). These data, alongside other research, suggest that healthcare staff focus on delivering patient care and see cybersecurity as interfering with, rather than facilitating, their clinical practice. There is a need for change to ensure that cybersecurity measures are appropriate, work within the clinical workflow and staff accept cybersecurity as crucial to protecting patients.

U2 - 10.1007/978-3-031-83072-3_6

DO - 10.1007/978-3-031-83072-3_6

M3 - Conference contribution

SN - 9783031830716

T3 - Lecture Notes in Computer Science

SP - 93

EP - 112

BT - Socio-Technical Aspects in Security

A2 - Mehrnezhad, Maryam

A2 - Parkin, Simon

PB - Springer

CY - Cham

Y2 - 29 September 2022 through 29 September 2022

ER -

Coventry L, Sillence E, Brown R, Branley-Bell D, Mari P, Saverio C et al. Situation critical: intensive cybersecurity care needed. In Mehrnezhad M, Parkin S, editors, Socio-Technical Aspects in Security: 12th International Workshop, STAST 2022, Copenhagen, Denmark, September 29, 2022, Revised Selected Papers. Cham: Springer. 2025. p. 93–112. (Lecture Notes in Computer Science). Epub 2025 Mar 13. doi: 10.1007/978-3-031-83072-3_6

Situation critical: intensive cybersecurity care needed

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this