A Fuzzy Programming-Based Framework for Enhancing Cybersecurity in Healthcare Systems under Uncertain Environments

Abstract

In the era of digital healthcare transformation, cybersecurity threats pose significant risks to sensitive medical data and patient safety, especially in uncertain environments. This study presents a fuzzy programming-based decision-making framework to enhance cybersecurity in healthcare systems, where ambiguity and imprecision in data and risk evaluation are prominent. The proposed framework integrates the Fuzzy Analytic Hierarchy Process (F-AHP) for risk prioritization, the Fuzzy Technique for Order Preference by Similarity to Ideal Solution (F-TOPSIS) for evaluating cybersecurity measures, and a fuzzy linear programming model for optimal resource allocation. The model is mathematically formulated to minimize risk exposure subject to budgetary and operational constraints, with fuzzy parameters capturing uncertainty in the effectiveness, cost, and feasibility of security measures. A numerical example involving three cybersecurity risks and three mitigation strategies demonstrates the framework's practical application. The fuzzy evaluation process identifies end-to-end encryption as the most effective and feasible solution, and the optimization model allocates limited resources accordingly to minimize overall cyber vulnerability. The results validate the robustness and applicability of the proposed approach in guiding healthcare decision-makers toward secure and efficient cybersecurity strategies under uncertainty. This research bridges the gap between cyber risk modeling and practical security implementation in healthcare environments.