Cybersecurity Threats in Saudi Healthcare: Exploring Email Communication Practices to Enhance Cybersecurity Among Healthcare Employees in Saudi Arabia.

As sophisticated cyber threats like phishing attacks, ransomware, and various hacker-driven exploits continue to rise, healthcare organisations are confronting unprecedented cybersecurity risk. These evolving methods target the sensitive data and critical systems that modern healthcare relies on, posing serious threats to operational integrity and patient safety. This research provides a comprehensive examination of the phishing attacks facing the healthcare sector in Saudi Arabia, a nation experiencing rapid digital transformation in line with Vision 2030. The study examines how healthcare employees in Saudi Arabia perceive and interact with email communication, a primary channel for cyberattacks. Using a qualitative approach that includes semi-structured interviews with healthcare professionals, the findings reveal significant vulnerabilities arising from inconsistent training, an overreliance on informal messaging platforms, and limited awareness of phishing schemes. This dual focus provides valuable insights into the broader threat landscape and the specific behavioural and institutional practices that influence cybersecurity outcomes. The study highlights the urgent need for structured, mandatory cybersecurity training programs tailored to healthcare roles and policy reforms that address technological and human factors. Future research is recommended to further assess and bolster cybersecurity awareness and resilience across the sector through targeted, evidence-based interventions.