Abstract
Managing how new digital technologies are integrated into different contexts has become a key component needed for effective international security management. This chapter focuses on rethinking our approach to the integration of digital technologies within (cyber)security work. Most analyses of security take for granted a problematic split between technologies involved in securing specific contexts and the humans involved with or operating such devices. By shifting to a practice theory approach, we offer a more holistic view of security by examining not only the implementation of technologies or human factors but also how this affects the meaning these practices hold. We highlight how this comes into being in the healthcare domain by drawing on interviews with trainers who are actively involved in providing this type of change management. Trainers relate to the daily practices of healthcare staff they train by taking into account the materials they work with, the skills they need and which meaning these practices may hold for them building on this. As such, trainers can be conceived of as mediators of practices and a practice theory approach offers a clearer sense of how to implement security change management.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
In total, nineteen semi-structured interviews were conducted by the authors and consortium partners in the SecureHospitals.eu project (funded under the EU Horizon 2020 scheme). The interviews lasted between 30 and 75 min. For each interview, a verbatim transcript was made for the purpose of analysis. We applied thematic analysis as a process of “identifying, analysing and reporting patterns (themes) within data” (Braun and Clarke 2006, p. 79). After completing the analysis, the themes and underlying codes were structured into a narrative format for this chapter. Key quotes are used to illustrate the findings and to provide deeper insights into the experiences of trainers.
- 3.
All the names have been changed to pseudonyms to protect the privacy of the trainers we interviewed.
References
Ayala, L. (2016). Cybersecurity for hospitals and healthcare facilities. A guide to detection and prevention. New York, US: Apress.
Baldwin, D. A. (1997). The concept of security. Review of International Studies, 23, 5–26.
Boyes, H. (2015). Cybersecurity and cyber-resilient supply chains. Technology Innovation Management Review, 5(4), 28–34.
Braun, V., & Clarke, V. (2006). Using thematic analysis in psychology. Qualitative Research in Psychology, 3(2), 77–101.
Cankaya, Y. (2015). Technical note: Exploiting problem definition study for cyber security simulations. The Journal of Defense Modeling and Simulation, 12(4), 363–368.
Caragliu, A., Bo, C. D., & Nijkamp, P. (2011). Smart cities in Europe. Journal of Urban Technology, 18(2), 65–82.
Chiock, M. (2019, April 4). 8 Steps to simplify cybersecurity. SecurityRoundTable. https://www.securityroundtable.org/8-steps-to-simplify-cybersecurity/. Accessed April 10, 2019.
Coventry, L., & Branley, D. (2018). Cybersecurity in healthcare: A narrative review of trends, threats and ways forward. Maturitas, 113, 48–52.
Dunn Cavelty, M. (2018). Cybersecurity research meets science and technology studies. Politics and Governance, 6(2), 22–30.
European Central Bank. (2018). Digitalisation and its impact on the economy: Insights from a survey of large companies. European Central Bank. https://www.ecb.europa.eu/pub/economic-bulletin/focus/2018/html/ecb.ebbox201807_04.en.html. Accessed April 10, 2019.
Feldman, M. S., & Orlikowski, W. J. (2011). Theorizing practice and practicing theory. Organization Science, 22, 1240–1253.
Hargreaves, T. (2011). Practice-ing behaviour change: Applying social practice theory to pro-environmental behaviour change. Journal of Consumer Culture, 11(1), 79–99.
Koppel, R., Smith, S., Blythe, J., & Kothari, V. (2015). Workarounds to computer access in healthcare organizations: You want my password or a dead patient? Studies in Health Technology and Informatics, 208, 215–220.
Lyon, D. (2017). Making trade-offs for safe, effective, and secure patient care. Journal of Diabetes Science and Technology, 11(2), 213–215.
Reckwitz, A. (2002). Toward a theory of social practices: A development in culturalist theorizing. European Journal of Social Theory, 5(2), 243–263.
Schatzki, T. R. (2002). The site of the social: A philosophical account of the constitution of social life and change. Pennsylvania, US: Penn State University Press.
Shove, E., Pantzar, M., & Watson, M. (2012). The dynamics of social practice: Everyday life and how it changes. Los Angeles, US: SAGE.
Thomson, K.-L., Von Solms, R., & Louw, L. (2006). Cultivating an organizational information security culture. Computer Fraud & Security, 2006(10), 7–11.
Van Niekerk, J. F., & Von Solms, R. (2010). Information security culture: A management perspective. Computers & Security, 29(4), 476–486.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. Computers & Security, 38, 97–102.
Warner, M. (2012). Cybersecurity: A pre-history. Intelligence and National Security, 27(5), 781–799.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Pridmore, J., Oomen, T.A.P. (2021). A Practice-Based Approach to Security Management: Materials, Meaning and Competence for Trainers of Healthcare Cybersecurity. In: Jacobs, G., Suojanen, I., Horton, K., Bayerl, P. (eds) International Security Management. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-42523-4_24
Download citation
DOI: https://doi.org/10.1007/978-3-030-42523-4_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-42522-7
Online ISBN: 978-3-030-42523-4
eBook Packages: Political Science and International StudiesPolitical Science and International Studies (R0)