Skip to main content

A Practice-Based Approach to Security Management: Materials, Meaning and Competence for Trainers of Healthcare Cybersecurity

  • 402 Accesses

Part of the Advanced Sciences and Technologies for Security Applications book series (ASTSA)

Abstract

Managing how new digital technologies are integrated into different contexts has become a key component needed for effective international security management. This chapter focuses on rethinking our approach to the integration of digital technologies within (cyber)security work. Most analyses of security take for granted a problematic split between technologies involved in securing specific contexts and the humans involved with or operating such devices. By shifting to a practice theory approach, we offer a more holistic view of security by examining not only the implementation of technologies or human factors but also how this affects the meaning these practices hold. We highlight how this comes into being in the healthcare domain by drawing on interviews with trainers who are actively involved in providing this type of change management. Trainers relate to the daily practices of healthcare staff they train by taking into account the materials they work with, the skills they need and which meaning these practices may hold for them building on this. As such, trainers can be conceived of as mediators of practices and a practice theory approach offers a clearer sense of how to implement security change management.

Keywords

  • Cybersecurity
  • Practice theory
  • Security culture
  • Trainer experiences

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-42523-4_24
  • Chapter length: 13 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   129.00
Price excludes VAT (USA)
  • ISBN: 978-3-030-42523-4
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   169.99
Price excludes VAT (USA)
Hardcover Book
USD   169.99
Price excludes VAT (USA)

Notes

  1. 1.

    https://www.bbc.com/news/health-39899646.

  2. 2.

    In total, nineteen semi-structured interviews were conducted by the authors and consortium partners in the SecureHospitals.eu project (funded under the EU Horizon 2020 scheme). The interviews lasted between 30 and 75 min. For each interview, a verbatim transcript was made for the purpose of analysis. We applied thematic analysis as a process of “identifying, analysing and reporting patterns (themes) within data” (Braun and Clarke 2006, p. 79). After completing the analysis, the themes and underlying codes were structured into a narrative format for this chapter. Key quotes are used to illustrate the findings and to provide deeper insights into the experiences of trainers.

  3. 3.

    All the names have been changed to pseudonyms to protect the privacy of the trainers we interviewed.

References

  • Ayala, L. (2016). Cybersecurity for hospitals and healthcare facilities. A guide to detection and prevention. New York, US: Apress.

    CrossRef  Google Scholar 

  • Baldwin, D. A. (1997). The concept of security. Review of International Studies, 23, 5–26.

    CrossRef  Google Scholar 

  • Boyes, H. (2015). Cybersecurity and cyber-resilient supply chains. Technology Innovation Management Review, 5(4), 28–34.

    CrossRef  Google Scholar 

  • Braun, V., & Clarke, V. (2006). Using thematic analysis in psychology. Qualitative Research in Psychology, 3(2), 77–101.

    CrossRef  Google Scholar 

  • Cankaya, Y. (2015). Technical note: Exploiting problem definition study for cyber security simulations. The Journal of Defense Modeling and Simulation, 12(4), 363–368.

    CrossRef  Google Scholar 

  • Caragliu, A., Bo, C. D., & Nijkamp, P. (2011). Smart cities in Europe. Journal of Urban Technology, 18(2), 65–82.

    CrossRef  Google Scholar 

  • Chiock, M. (2019, April 4). 8 Steps to simplify cybersecurity. SecurityRoundTable. https://www.securityroundtable.org/8-steps-to-simplify-cybersecurity/. Accessed April 10, 2019.

  • Coventry, L., & Branley, D. (2018). Cybersecurity in healthcare: A narrative review of trends, threats and ways forward. Maturitas, 113, 48–52.

    CrossRef  Google Scholar 

  • Dunn Cavelty, M. (2018). Cybersecurity research meets science and technology studies. Politics and Governance, 6(2), 22–30.

    CrossRef  Google Scholar 

  • European Central Bank. (2018). Digitalisation and its impact on the economy: Insights from a survey of large companies. European Central Bank. https://www.ecb.europa.eu/pub/economic-bulletin/focus/2018/html/ecb.ebbox201807_04.en.html. Accessed April 10, 2019.

  • Feldman, M. S., & Orlikowski, W. J. (2011). Theorizing practice and practicing theory. Organization Science, 22, 1240–1253.

    CrossRef  Google Scholar 

  • Hargreaves, T. (2011). Practice-ing behaviour change: Applying social practice theory to pro-environmental behaviour change. Journal of Consumer Culture, 11(1), 79–99.

    CrossRef  Google Scholar 

  • Koppel, R., Smith, S., Blythe, J., & Kothari, V. (2015). Workarounds to computer access in healthcare organizations: You want my password or a dead patient? Studies in Health Technology and Informatics, 208, 215–220.

    Google Scholar 

  • Lyon, D. (2017). Making trade-offs for safe, effective, and secure patient care. Journal of Diabetes Science and Technology, 11(2), 213–215.

    CrossRef  Google Scholar 

  • Reckwitz, A. (2002). Toward a theory of social practices: A development in culturalist theorizing. European Journal of Social Theory, 5(2), 243–263.

    CrossRef  Google Scholar 

  • Schatzki, T. R. (2002). The site of the social: A philosophical account of the constitution of social life and change. Pennsylvania, US: Penn State University Press.

    Google Scholar 

  • Shove, E., Pantzar, M., & Watson, M. (2012). The dynamics of social practice: Everyday life and how it changes. Los Angeles, US: SAGE.

    CrossRef  Google Scholar 

  • Thomson, K.-L., Von Solms, R., & Louw, L. (2006). Cultivating an organizational information security culture. Computer Fraud & Security, 2006(10), 7–11.

    CrossRef  Google Scholar 

  • Van Niekerk, J. F., & Von Solms, R. (2010). Information security culture: A management perspective. Computers & Security, 29(4), 476–486.

    CrossRef  Google Scholar 

  • Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. Computers & Security, 38, 97–102.

    CrossRef  Google Scholar 

  • Warner, M. (2012). Cybersecurity: A pre-history. Intelligence and National Security, 27(5), 781–799.

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Jason Pridmore .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this chapter

Verify currency and authenticity via CrossMark

Cite this chapter

Pridmore, J., Oomen, T.A.P. (2021). A Practice-Based Approach to Security Management: Materials, Meaning and Competence for Trainers of Healthcare Cybersecurity. In: Jacobs, G., Suojanen, I., Horton, K., Bayerl, P. (eds) International Security Management. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-42523-4_24

Download citation