Barriers to dynamic cybersecurity capabilities in healthcare software services

Abstract

Healthcare firms need to respond faster to the rapidly changing threat landscape. Risks to patient privacy and safety are increasing due to recent cyber-attacks. Healthcare firms are lagging in building cybersecurity capabilities prescribed by best practice approaches. The purpose of this case study is to identify the barriers to building a dynamic cybersecurity capability within a South African healthcare software services firm. The firm is a major provider of cloud-based software as a service (SaaS) solutions to medical practitioners and hospitals. The study used interviews and document analysis as primary data collection methods. Thematic analysis guided by a dynamic capability perspective was used to identify the internal and external barriers that could impede building a dynamic cybersecurity capability at a healthcare software services firm. The research recommends interventions to address cybersecurity barriers in healthcare software services firms.