Search results for "cybersecurity breach"

showing 2 items of 2 documents

Organizational Learning from Cybersecurity Performance: Effects on Cybersecurity Investment Decisions

2023

AbstractIS literature has identified various economic, performance, and environmental factors affecting cybersecurity investment decisions. However, economic modeling approaches dominate, and research on cybersecurity performance as an antecedent to investments has taken a backseat. Neglecting the role of performance indicators ignores real-world concerns driving actual cybersecurity investment decision-making. We investigate two critical aspects of cybersecurity performance: breach costs and breach identification source, as antecedents to cybersecurity investment decisions. We use organizational learning to theorize how performance feedback from these two aspects of cybersecurity breaches …

oppiva organisaatioComputer Networks and Communicationsbreach costTheoretical Computer Sciencecybersecurity investmentorganizational learningcybersecurity breachbreach identifcationcybersecurity performancetietoturvakyberturvallisuusSoftwaretieto- ja viestintärikoksetInformation SystemsInformation Systems Frontiers
researchProduct

Information Security Risk Assessments following Cybersecurity Breaches : The Mediating Role of Top Management Attention to Cybersecurity

2023

Information Systems (IS) research on managerial response to cybersecurity breaches has largely focused on externally oriented actions such as customer redressal and crisis response. Within the firm itself, a breach may be a symptom of systematic problems, and a narrow, siloed focus on only fixing immediate issues through technical fixes and controls might preclude other managerial actions to ensure future cybersecurity. Towards this end, Information Security Risk Assessments (ISRA) can help surface other vulnerabilities following a breach. While the role of governance in such exercises is emphasized in standards, it is undertheorized in IS research and lacks empirical evidence. We draw on t…

post-breach managementtop management teamGeneral Computer Sciencecybersecurity governancerisk assessmentriskinarviointitietotekniikkayrityksetcybersecurity breachattention-based viewtietoturvakyberturvallisuustietomurtojohtoryhmätLawriskittietojärjestelmätComputers & Security
researchProduct