https://orcid.org/0000-0003-2445-8107
![Sample our Computer Science journals, sign in here to start your access, latest two full volumes FREE to you for 14 days]({"type":"image" , "src" : "/sda/5928/TOC-Subject-Sample-2021-Computer-Science.jpg"})
ABSTRACT
The healthcare sector is prone to Distributed Denial-of-Service and Ransomware attacks owing to unsecured networks and software. This results in stalling of outpatient and inpatient operations of a hospital. In this study, we propose an H-CRAM model that computes the risk of a cyber-attack based on the threat appraisal component of the Protection Motivation Theory (PMT) using multinomial logistic regression. We also hypothesize that training the healthcare staff, implementing IT governance, and intervening technology will decrease the probability of the occurrence of a cyber threat. The severity of the risk is computed using Collective Risk Modelling. Next, based on the coping appraisal component of PMT, Rational Choice Theory, and NIST guidelines, we propose that the CIO of a healthcare firm should first reduce the cyber-risk by investing in encrypting Electronic Health Records, Security Incident and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) tools. Then pass the residual cyber risk to a cyber insurer.
Disclosure statement
No potential conflict of interest was reported by the authors.
Correction Statement
This article has been corrected with minor changes. These changes do not impact the academic content of the article.
Additional information
Funding
Notes on contributors
Swati Jain
Swati Jain is pursuing her Doctoral degree at the Indian Institute of Management (IIM) Lucknow. She has published articles in conferences of international repute, notably the Americas Conference on Information Systems (AMCIS) and the Pre-International Conference On Information Systems (ICIS) workshops. Her research interests lie in Cyber-risk Management, Cybersecurity Data Analytics, Healthcare IT, and IT governance. Her industrial experience spans over a decade in the Information and Technology sector. She has worked with major multinational corporations, effectively managing portfolios of prominent clients such as British Telecom, CompuCom, and Odeon, among others based in the UK, US, and Australia.
Arunabha Mukhopadhyay
Dr. Arunabha Mukhopadhyay is a Professor of Information Technology & Systems Area at the Indian Institute of Management Lucknow (IIM Lucknow). He has obtained his Ph.D. and Post Graduate Diploma in Business Management (PGDBM) from the Indian Institute of Management Calcutta (IIM Calcutta) in Management Information Systems. He has published in various refereed journals and conferences, including Decision Support Systems (DSS), Information Systems Frontier (ISF), Journal of Organizational Computing and E-commerce (JOCEC), Journal of Global Information Technology Management (JGITM), JIPS, International Journal of Information Systems and Change Management (IJISCM), Decision, IIMB Review, Hawaii International Conference on System Sciences (HICSS), Americas Conference on Information Systems (AMCIS), Pre-International Conference On Information Systems (ICIS) workshops, Global Information Technology Management Association (GITMA), Conference of Information Systems and Technology Management (CISTM), International Conference on E-Governance (ICEG). He is the recipient of the Best Teacher in Information Technology Management award in 2013 and 2011, by the Star-DNA group B-School Award and the 19th Dewang Mehta Business School Award, in India, respectively. He is a Member of IEEE, AIS, ISACA, DSI, ITS, IFIP WG 11.1 and a Life Member of Computer Society of India (CSI), Telemedicine Society of India (TSI), Indian Insurance Institute (III), Actuarial Society of India (ASI), All India Management Association (AIMA), System Dynamics Society of India (SDSI) and, Operations Research Society of India (ORSI).
Saloni Jain
Saloni Jain has completed her Post Graduate Programme in Management (PGP) from Indian Institute of Management (IIM) Lucknow