Enhancing Incident Response Strategies in U.S. Healthcare Cybersecurity
Adebayo Yusuf Balogun
*
University of Tampa, 401 W Kennedy Blvd, Tampa, FL 33606, United States of America.
Oluwaseun Oladeji Olaniyi
University of the Cumberlands, 104 Maple Drive, Williamsburg, KY 40769, United States of America.
Anthony Obulor Olisa
Cumberland University, 1 Cumberland Dr, TN 37087, Lebanon.
Michael Olayinka Gbadebo
Cavendish University Zambia, Corner of and Elizabeth, Great N Rd, Lusaka, Zambia.
Noah Chukwufumnanya Chinye
Cavendish University Zambia, Corner of and Elizabeth, Great N Rd, Lusaka, Zambia.
*Author to whom correspondence should be addressed.
Abstract
This study explores the enhancement of incident response strategies in the U.S. healthcare sector, leveraging data from the Verizon Data Breach Investigations Report, the HHS Breach Portal, and the MITRE ATT&CK Framework. A quantitative methodology was employed, incorporating descriptive statistics, linear regression, and clustering analysis to assess the state of incident response, the impact of recent cyberattacks, and the effectiveness of advanced technologies. Findings revealed consistent improvements in detection and containment times (5.26% and 5.68% annually, respectively) but showed that healthcare still lags behind cross-industry benchmarks. A strong correlation (R² = 0.946) was observed between breach size and financial losses, with larger breaches incurring severe operational and financial impacts. AI-driven systems outperformed traditional methods, achieving a 93.5% F1 score compared to 81.5% for conventional approaches. Recommendations include investing in AI systems, comprehensive training programs, upgrading legacy systems, and implementing continuous improvement mechanisms to strengthen healthcare cybersecurity resilience.
Keywords: Cybersecurity, incident response, healthcare sector, artificial intelligence, quantitative analysis