A practice-based approach to security management: Materials, meaning and competence for trainers of healthcare cybersecurity

Abstract

Managing how new digital technologies are integrated into different contexts has become a key component needed for effective international security management. This chapter focuses on rethinking our approach to the integration of digital technologies within (cyber)security work. Most analyses of security take for granted a problematic split between technologies involved in securing specific contexts and the humans involved with or operating such devices. By shifting to a practice theory approach, we offer a more holistic view of security by examining not only the implementation of technologies or human factors but also how this affects the meaning these practices hold. We highlight how this comes into being in the healthcare domain by drawing on interviews with trainers who are actively involved in providing this type of change management. Trainers relate to the daily practices of healthcare staff they train by taking into account the materials they work with, the skills they need and which meaning these practices may hold for them building on this. As such, trainers can be conceived of as mediators of practices and a practice theory approach offers a clearer sense of how to implement security change management.