Article Review #1: Cyber Victimization in the Healthcare Industry
Introduction
The article “Cyber Victimization in the Healthcare Industry: Analyzing Offender Motivations and Target Characteristics through Routine Activities Theory and Cyber-Routine Activities Theory” by Yashna Praveen, Mijin Kim, and Kyung-Shick Choi focused on the complexities of cyberattacks in the healthcare sector, emphasizing the implications for patient care and data protection. This review will explore how the topic relates to social science principles, the study’s research questions, methods used, data analysis, classroom concepts, its relation to marginalized groups, and its overall societal contributions.
Relation to Social Sciences Principles
•Behavioral Theory: Cybercriminal behavior can be influenced by social factors such as peer behavior and organizational culture within healthcare.
• Sociology of Risk: The study highlights how healthcare organizations face unique risks stemming from digital integration and patient data handling.
• Policy Studies: It mentions essential policies to mitigate cyber risks, which is crucial forprotecting vulnerable populations and maintaining public trust in healthcare systems.
Research Questions and Hypotheses
The primary research questions focus on identifying the motivations behind cyberattacks in healthcare and the specific vulnerabilities that make certain entities more attractive targets. The authors hypothesize that applying RAT and C-RAT will reveal significant insights into these motivations and target characteristics, thus informing preventive strategies.
Research Methods
The study employs a qualitative case study approach, analyzing various high-tech cyber victimization incidents within the healthcare sector.
Data Types and Analysis
The analysis is based on case studies and existing literature on cyber victimization in healthcare. The authors examine specific cyberattacks to draw broader conclusions about offendermotivations and target characteristics using qualitative analysis.
Relation to Classroom Concepts
The article’s analysis of cyber victimization in healthcare aligns with Behavioral Theory. This theory emphasizes how behaviors are learned through interactions with the environment,cybercriminal behavior can be influenced by external factors such as peer behavior, organizational culture, or perceived rewards versus risks in the digital world. Offenders may exploit vulnerabilities in data protection practices, which can become reinforced if initial cyberattacks are successful and go unpunished, creating a cycle where offenders learn that healthcare systems are valuable and relatively easy targets.
Relation to Marginalized Groups
Cyber victimization in healthcare can greatly affect marginalized groups with limited access totechnology and cybersecurity resources. Vulnerable populations face increased risks from data breaches compromising sensitive health information, and worsening healthcare disparities. Thestudy emphasizes the need for targeted strategies and equitable access to cybersecurity resources for these groups.
Overall Contributions of the Study
This research significantly contributes to cybersecurity by providing a detailed understanding ofcyber victimization in healthcare and offering practical solutions through proposed frameworks.It broadens our understanding of safeguarding sensitive information in this critical sector.
Conclusion
Praveen et al.’s article provides valuable insights into the motivations behind cyberattacks in healthcare and the vulnerabilities that make these entities susceptible. The study applies social science principles to inform theoretical frameworks and practical solutions for enhancing the importance of equitable access to cybersecurity resources.
References
Praveen, Y., Kim, M., & Choi, K. (2024). Cyber Victimization in the Healthcare Industry:
Analyzing Offender Motivations and Target Characteristics through Routine Activities Theory
(RAT) and Cyber-Routine Activities Theory (Cyber-RAT). International Journal of
Cybersecurity Intelligence & Cybercrime, 7(2). https://doi.org/10.52306/2578-3289.1186
OpenAI. (2024). ChatGPT (October 2 version) [Large language model]. https://chat.openai.com/
Article Review #2: Impact of Cybersecurity and AI’s Related Factors on Incident
Reporting Suspicious Behaviour and Employees Stress
Introduction
This review examines the article “Impact of Cybersecurity and AI’s Related Factors on Incident Reporting Suspicious Behaviour and Employees Stress: Moderating Role of Cybersecurity Training” by Vimala Venugopal Muthuswamy and Suresh Esakki, published in the International Journal of Cyber Criminology. The study investigates how various factors within cybersecurity and AI influence incident reporting and employee stress levels, highlighting the role of cybersecurity training.
Relation to Social Science Principles
The study embodies key social science principles, particularly in understanding human behaviorwithin organizational settings. It emphasizes the interaction between psychological factors (employee stress), organizational policies (cybersecurity training), and technology. These interactions are crucial in examining how employees navigate cybersecurity challenges and make decisions regarding incident reporting.
Research Questions and Hypotheses
• Incident reporting mediates the relationship between cybersecurity awareness and employee stress.
• Incident reporting acts as a mediator between the intention to use AI and employee stress.
• Incident reporting mediates the relationship between perceived threats in AI andmemployee stress.
• Cybersecurity training moderates the relationship between cybersecurity incident management and incident reporting.
• Cybersecurity training moderates the relationship between cybersecurity awareness and incident reporting.
Research Methods
The study utilized a quantitative research design, employing structured questionnaires administered to 229 employees from various sectors, including fast food, online retail, and banking.
Data and Analysis
The analysis revealed that incident reporting partially mediates the connections among cybersecurity incident management, cybersecurity awareness, intention to use AI, perceived threat in AI, and employee stress levels. Additionally, while cybersecurity training moderated several relationships, its impact was limited in the context of intention to use AI and reporting suspicious behavior. The results highlight the necessity of effective incident reporting systems and robust training programs to alleviate employee stress related to cybersecurity and AI challenges.
Connection to Course Concepts
This study aligns with our course on psychological safety in organizations, emphasizing the importance of creating a supportive environment where employees feel empowered to report suspicious behavior without fear of repercussions. It also explores the impact of AI on employee perceptions and behaviors in the workplace.
Marginalized Groups
The topic is important for marginalized groups, as employees in lower-wage sectors may face increased stress due to inadequate cybersecurity training and support, making them more vulnerable to cyber threats. Comprehensive training programs could help bridge this gap and improve cybersecurity practices in diverse workforces.
Conclusion
Muthuswamy and Esakki’s research sheds light on how cybersecurity practices affect employee well-being and organizational security. The study emphasizes the importance of incident reporting and cybersecurity training, offering valuable insights for organizations. Future research should focus on underrepresented groups for more equitable cybersecurity solutions.
References
Muthuswamy, V. V., & Esakki, S. (2024). Impact of Cybersecurity and AI’s Related Factors on
Incident Reporting Suspicious Behaviour and Employees Stress: Moderating Role of
Cybersecurity Training. International Journal of Cyber Criminology, 18(1), 83-107.
OpenAI. (2024). ChatGPT (October 2 version) [Large language model]. https://chat.openai.com/