oru.sePublikationer
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Examining how IT Professionals in SMEs Take Decisions About Implementing Cyber Security Strategy
Department of Informatic, Linnaeus University, Växjö, Sweden.
Örebro University, Örebro University School of Business. Department of Informatic, Linnaeus University, Växjö, Sweden.
2015 (English)In: PROCEEDINGS OF 9TH EUROPEAN CONFERENCE ON IS MANAGEMENT AND EVALUATION (ECIME 2015), Academic Conferences Limited, 2015, 231-239 p.Conference paper, (Refereed)
Resource type
Text
Abstract [en]

With the significant growth of cyber space, business organizations have become more alert than ever before that cyber security must be considered seriously and that there is a need to develop up-to-date security measures. It has become an increasing trend that cyber-attackers concentrate more on small and medium than on large enterprises, due to their known vulnerability towards cyber security. In exchange of successful cyber security measures in organizations, the security risks must be taken into consideration more closely that could be helpful for re-thinking their decision-making on cyber security. This article develops a theoretical framework on cyber security with three aspects taken in consideration: organizational, technological and psychological, that deserves the attention of IT professionals while and after creating cyber security measures in their SMEs. The first two aspects (organizational and technological) focus on understanding the IT professionals' decision-making process, while the third aspect (psychological) focuses on understanding the IT professionals' post decision-making reactions. Firstly, the organizational aspect presupposes that the ones who create cyber security measures are exposed to unclear and undefined decision processes and rights that lead to system vulnerabilities. Secondly, the technological aspect focuses on disclosing how many IT professionals in their organizations fail to meet foundational technological measures, such as the existence of Internet firewall, logs of system events, existence of hardware and software inventory list, data backup, antivirus software and password rules. Lastly, the psychological aspect, explains how post cyber security decisions made by IT professionals may have a contra-effect on the organization. Our data analyses collected based on interviews with IT professionals across 6 organizations (SMEs) show that cyber security is yet to be developed among SMEs, an issue that must not be taken lightly. Results show that the IT professionals in these organizations need to strengthen and develop their security thinking, in order to decrease the vulnerability of informational assets among SMEs. We believe that a perspective on understanding decision-making processes upon the cyber security measures by IT professionals in SMEs may bring a theoretical redirection in the literature, as well as an important feedback to practice.

Place, publisher, year, edition, pages
Academic Conferences Limited, 2015. 231-239 p.
Series
Proceedings of the European Conference on Information Management and Evaluation, ISSN 2048-8912
Keyword [en]
cyber security, SMEs, IT professionals, decision-making, security counter measures
National Category
Information Systems
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:oru:diva-49725ISI: 000371980300028Scopus ID: 2-s2.0-84994175636ISBN: 978-1-910810-56-9 (print)OAI: oai:DiVA.org:oru-49725DiVA: diva2:917916
Conference
9th European Conference on Information Management and Evaluation (ECIME), Univ W England, Bristol, England, September 21-22, 2015
Available from: 2016-04-08 Created: 2016-04-08 Last updated: 2017-06-30Bibliographically approved

Open Access in DiVA

No full text

Scopus

Search in DiVA

By author/editor
Kajtazi, Miranda
By organisation
Örebro University School of Business
Information Systems

Search outside of DiVA

GoogleGoogle Scholar

Total: 204 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf