Title: Strategic cyber security management and possible scenario planning: a model proposal for the health sector

Authors: Cuma Çakmak; Mehmet Aziz Çakmak; İsmail Biçer; Tarık Ziyad Çelik

Addresses: Faculty of Economics and Administrative Sciences, Health Care Management, Dicle University, Diyarbakır, 21010, Turkey ' Mardin Artuklu University, Technology Transfer Office, Mardin, 47100, Turkey ' Çivril Atasay Kamer Vocational School, Health Institutions Management, Pamukkale University, Denizli, 20000, Turkey ' Faculty of Economics and Administrative Sciences, Business Administration, Dicle University, Diyarbakır, 21010, Turkey

Abstract: Hospitals' webpages contain important information that can be used for social engineering. Social engineering can be used to access important information about hospitalised patients. The paper emphasises that defence strategies against cyber-attacks are vital due to the sensitive nature of the healthcare industry. In particular, sensitive information such as hospital records, medical data, and personal health data can be attractive targets. At this point, how strategic cyber-attack management can be applied in the health sector is discussed with a scenario. This study is designed to reveal whether healthcare organisations can protect patient data and privacy. The focus of this study is to evaluate hospitals objectively using the methods used in the study and to bring an innovative evaluation method to the literature. Identifying cyber-attack scenarios and planning strategic defences against them can provide an effective and coordinated response in times of crisis.

Keywords: strategy; cybersecurity; cybersecurity management; scenario planning; health sector.

DOI: 10.1504/IJHTM.2024.149026

International Journal of Healthcare Technology and Management, 2024 Vol.21 No.3/4, pp.233 - 250

Received: 14 May 2024
Accepted: 08 Apr 2025
Published online: 09 Oct 2025 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article