Date of Award

Winter 12-14-2017

Document Type

Dissertation - University of Massachusetts Global access only

Degree Name

Doctor of Education (EdD)


Organizational Leadership

First Advisor

General Davie

Second Advisor

Keith Larick

Third Advisor

Chris Keung


The purpose of this study was to identify the team behaviors that cybersecurity professionals should possess to identify and prevent cyber threats, identify the organizational elements that should be in place for the effective deployment of cyber professionals to prevent cyber-threats, and identify the organizational barriers and solutions to effective deployment of cybersecurity professionals. For this mixed-method Delphi study, 25 cybersecurity experts were selected from the healthcare industry, actively employed at one of the nation’s largest healthcare providers (Kaiser Permanente) as well as one of the largest healthcare device manufacturers (General Electric). The researcher collected data, tabulated mean scores and consensus was established using standardized scoring. Based on the findings of this study and supported by literature, 1) being result-oriented, 2) having integrity and honesty, 3) accepting responsibility, 4) respecting coworkers’ opinions, 5) and having an acceptable degree of emotional intelligence are the top team behaviors a cybersecurity team member needs to possess in order to effectively defend against cyber threats. Also, based on the findings of this study 1) having a proper budget, 2) executive support, 3) a good work-life balance, 4) and an organization’s understanding of the value of security and privacy and their willingness to treat cybersecurity as an essential part of the business are the most important organizational elements that need to be in place to deploy cyber professionals to identify and prevent cyber threats. It can be concluded, based on the findings, that 1) a cybersecurity professional must possess a combination of behavioral traits, 2) the human resource team of an organization plays a key role, 3) educational institutions should have more classes focused on non-technical abilities, 3) executive support for cybersecurity and availability of needed cybersecurity budget are direct evidence of one another, 4) organizations need recruiters that have cybersecurity knowledge, and 5) cybersecurity leaders should take a risk management approach. Based on the lack of behavioral research data on cybersecurity employees and teams, further research is recommended to be done on cybersecurity teams irrelevant of industry and on a global scale.