Protecting Healthcare from Cyber Threats: Integrating Behavioral Insights into Cybersecurity Strategies

Cybersecurity breaches in healthcare often stem from human-factor vulnerabilities such as phishing, social engineering, and policy non-compliance. Despite evolving technical defenses, behavioral risk remains a critical gap. This study uses Protection Motivation Theory (PMT) to examine how healthcare cybersecurity professionals perceive and address these threats. Semi-structured interviews with ten professionals revealed five themes: (1) tension between clinical workflows and security, (2) limited impact of generic training, (3) policy inconsistencies among leadership, (4) value of mentorship and IT presence, and (5) need for behavioral design in policies and technology. Findings suggest healthcare cybersecurity must prioritize human-centered design, participatory policy-making, and adaptive interventions, offering practical insights to bolster cyber resilience.