Organizational Data Breach: Building Conscious Care Behavior in Incident Response

Nz Jhanjhi,Mehedi Masud,Norjihan Binti Abdul Ghani,Muneer Ahmad,Adlyn Adam Teoh,Mohammed A Alzain

doi:10.32604/csse.2022.018468

Abstract

Organizational and end user data breaches are highly implicated by the role of information security conscious care behavior in respective incident responses. This research study draws upon the literature in the areas of information security, incident response, theory of planned behaviour, and protection motivation theory to expand and empirically validate a modified framework of information security conscious care behaviour formation. The applicability of the theoretical framework is shown through a case study labelled as a cyber-attack of unprecedented scale and sophistication in Singapore’s history to-date, the 2018 SingHealth data breach. The single in-depth case study observed information security awareness, policy, experience, attitude, subjective norms, perceived behavioral control, threat appraisal and self-efficacy as emerging prominently in the framework’s applicability in incident handling. The data analysis did not support threat severity relationship with conscious care behaviour. The findings from the above-mentioned observations are presented as possible key drivers in the shaping information security conscious care behaviour in real-world cyber incident management.

Highlights

The patient electronic medical records are stored in the SingHealth Sunrise Clinical Manager (“SCM”) database
At the time of the occurrence, SingHealth was the owner of the SCM system and Integrated Health Information Systems Private Limited (“IHiS”) was in charge of managing the system
IHiS was responsible for executing cybersecurity measures, and security incident response and reporting

Summary

Introduction

The data breach resulted in almost 1.5 million patient personal demographics being exfiltrated to a suspect nation state actor in which 159,000 outpatient medication details were accessed. The country’s Prime Minister’s personal and outpatient medication data was targeted and repeatedly accessed. The breach at JP Morgan Chase (a major U.S financial services provider) in 2014 resulted in the compromise of personally identifiable information, while the 2011 Sony incident resulted in the leakage of both personal and financial data. In both incidents, over 70 million users were impacted [9,10].

Objectives

Methods

Results

Conclusion