Abstract

Data breaches in the U.S. healthcare system jeopardize sensitive patient information, incurring substantial financial, legal, and reputational costs (McLeod & Dolezel, 2018). Beyond immediate consequences, a security breach often sets off a rippling effect—triggering subsequent vulnerabilities and follow-on attacks across systems and entities (Hovav & Gray, 2014). Understanding the dynamic interplay of breach types is critical for effective risk mitigation and cybersecurity strategy formulation (Angst et al., 2017). This study analyzes transitions between breach types using a comprehensive dataset of U.S. healthcare breach incidents from 2014 to 2023. By examining breach event patterns, we assess the likelihood of one breach type leading to another and evaluate the influence of covariates, such as healthcare entity types (e.g., hospitals, insurers). Our approach extends dynamic cybersecurity risk analysis (Zadeh & Jeyaraj, 2022). The findings reveal critical insights into the temporal evolution of data breaches, identifying prevalent attack vector pathways and pinpointing entities most susceptible to recurring threats. Our findings provide actionable implications for policymakers, cybersecurity experts, and risk managers, enabling the development of targeted preventive measures and robust response strategies to strengthen healthcare cybersecurity.

Comments

tpp1244

Download

Share

COinS