CCE Theses and Dissertations
Date of Award
2025
Document Type
Dissertation
Degree Name
Doctor of Philosophy in Information Assurance (DIA)
Department
College of Computing and Engineering
Advisor
Yair Levy
Committee Member
Gregory Simco
Committee Member
Ling Wang
Keywords
Healthcare cybersecurity, Human factors in cybersecurity, Mobile device cybersecurity, Phishing, SETA in healthcare, Social engineering
Abstract
Phishing emails accessed on mobile devices present substantial risks to healthcare organizations, where employees often operate under high cognitive load and with limited cybersecurity training. Despite widespread security awareness initiatives, healthcare workers continue to engage with phishing content on mobile platforms, posing threats to organizational data. Given the high value of healthcare data and the increasing sophistication of phishing schemes targeting healthcare professionals, there is a pressing need to enhance their ability to recognize phishing indicators on mobile devices.
This study developed and validated a Healthcare Workers Phishing Risk Exposure (HWPRE) taxonomy, designed to classify healthcare workers based on their ability to identify signs of phishing within mobile email environments. The research was conducted in three phases. In Phase I, data were collected from 25 cybersecurity Subject Matter Experts (SMEs), who validated the top signs of phishing indicators on mobile devices for healthcare workers. In Phase II, a pilot study involving 60 healthcare workers was conducted to validate the clarity and relevance of these indicators. Phase III involved a survey of 300 healthcare workers across clinical, administrative, and technical roles. Participants were presented with simulated mobile email scenarios in which they were asked to determine if the simulated scenario was either benign or phishing, and identify the signs of phishing (if any) that were previously validated by the cybersecurity SMEs in Phase I.
Findings from Phase III supported the construction of the HWPRE taxonomy, which categorizes users into four distinct cyber risk levels based on their ability to detect signs of phishing. The most salient phishing indicators relevant to mobile email use among healthcare workers were identified and informed the development of the Healthcare Workers Email Phishing Susceptibility Index (HWEPSI). The HWEPSI highlighted significant variation in phishing susceptibility based on occupational role, age, gender, years of professional experience, and other demographic and contextual factors.
These results contribute to the Body of Knowledge on mobile phishing threats in healthcare. They provide practical tools for assessing cybersecurity risk and informing targeted interventions. Specifically, the HWPRE taxonomy and HWEPSI enable healthcare organizations to implement role-sensitive training strategies and systematically monitor the phishing threat landscape using a structured data-driven approach.
NSUWorks Citation
Christopher P. Collins. 2025. Development of a Phishing Risk Exposure Taxonomy on Mobile Devices in the Healthcare Industry. Doctoral dissertation. Nova Southeastern University. Retrieved from NSUWorks, College of Computing and Engineering. (1210)
https://nsuworks.nova.edu/gscis_etd/1210.