Cybersecurity Governance - Framework for Small and Micro Enterprises

Gossner, Patrick, 2021

Type of Thesis Master Thesis
Client
Supervisor Asprion, Petra
Keywords
Views: 86 - Downloads: 33
Digitalization continues to advance. Coping with the resulting opportunities and risks is a challenge for companies. One of the risk areas to which small and micro enterprises (S&ME) often are not paying enough attention are cybersecurity risks. Statistics show that more and more S&ME are falling victim to cyber-attacks. Therefore, an interesting area of investigation is the approach of how S&ME deal with cybersecurity governance in an appropriate way. The fact that S&ME are underdeveloped in managing cybersecurity risks and hence increasingly affected by cyber-attacks underlines that the governance perspective with regards to cybersecurity is insufficiently embedded at the owner or management level so as to steer cybersecurity activities in an efficient, effective and acceptable way. As part of this research, a cybersecurity governance framework for S&ME (CGF4S&ME) is developed and evaluated, according to the research method 'design science'. In the process of developing the CGF4S&ME, the design science research framework of Vaishnavi and Kuechler is followed. Thereby, existing frameworks are analyzed, key cybersecurity threats and relevant assets of S&ME are considered. Based on existing frameworks covering the governance perspective, appropriate cybersecurity governance principles and specific activities for S&ME are derived. The newly created CGF4S&ME is evaluated by means of expert interviews. Based on the findings from the interviews, the CGF4S&ME was adjusted, accordingly....
Studyprogram: Business Information Systems (Master)
Confidentiality: öffentlich
Type of Thesis
Master Thesis
Authors
Gossner, Patrick
Supervisor
Asprion, Petra
Publication Year
2021
Thesis Language
English
Confidentiality
Public
Studyprogram
Business Information Systems (Master)
Location
Olten