Search results for "post-breach management"
showing 1 items of 1 documents
Information Security Risk Assessments following Cybersecurity Breaches : The Mediating Role of Top Management Attention to Cybersecurity
2023
Information Systems (IS) research on managerial response to cybersecurity breaches has largely focused on externally oriented actions such as customer redressal and crisis response. Within the firm itself, a breach may be a symptom of systematic problems, and a narrow, siloed focus on only fixing immediate issues through technical fixes and controls might preclude other managerial actions to ensure future cybersecurity. Towards this end, Information Security Risk Assessments (ISRA) can help surface other vulnerabilities following a breach. While the role of governance in such exercises is emphasized in standards, it is undertheorized in IS research and lacks empirical evidence. We draw on t…