Abstract:
Healthcare firms need to respond faster to the rapidly changing threat landscape. Risks to patient privacy and safety are increasing due to recent cyber-attacks. Healthcare firms are lagging in building cybersecurity capabilities prescribed by best practice approaches. The purpose of this case study is to identify the barriers to building a dynamic cybersecurity capability within a South African healthcare software services firm. The firm is a major provider of cloud-based software as a service (SaaS) solutions to medical practitioners and hospitals. The study used interviews and document analysis as primary data collection methods. Thematic analysis guided by a dynamic capability perspective was used to identify the internal and external barriers that could impede building a dynamic cybersecurity capability at a healthcare software services firm. The research recommends interventions to address cybersecurity barriers in healthcare software services firms.