Cyber Risk Awareness in Small and Medium Enterprises

Steinacher, Tobias

Cyber Risk Awareness in Small and Medium Enterprises

Autor:innen

Steinacher, Tobias

Autor:in (Körperschaft)

Publikationsdatum

2019

Typ der Arbeit

Master

Studiengang

Sammlung

Master of Science

Komplettanzeige

Typ

11 - Studentische Arbeit

Herausgeber:innen

Herausgeber:in (Körperschaft)

Betreuer:in

Asprion, Petra

Übergeordnetes Werk

Themenheft

DOI der Originalpublikation

URI

https://irf.fhnw.ch/handle/11654/39928

Link

Reihe / Serie

Reihennummer

Jahrgang / Band

Ausgabe / Nummer

Seiten / Dauer

Patentnummer

Verlag / Herausgebende Institution

Hochschule für Wirtschaft FHNW

Verlagsort / Veranstaltungsort

Olten

Auflage

Version

Programmiersprache

Abtretungsempfänger:in

Praxispartner:in/Auftraggeber:in

Zusammenfassung

Cyber security is an emerging topic, as headlines on data breaches in major global firms are increasing alarmingly. However, not only large corperations are vulnerable to cybercrime; attacks on Small and Medium Enterprises (SMEs) are now considered a common occurence worldwide. Reasons for the high susceptibility of SMEs range from a general lack of resources to a low awareness of possible threats. Raising cyber risk awareness on all levels in an organisation is considered the best security return on invested capital. Different intervention approaches to increase cyber risk awareness among employees were studied and various methods to measure the respective effectiveness can be found in literature. This study investigated cyber risk awareness in SMEs in Switzerland. A design science research approach was followed to develop a framework to guide SMEs through the process of raising cyber risk awareness among employees. The framework was developed based on five principles adapted from ISACA’s “Six Principles for a Governance System”.The Cyber Risk Awareness framework, introduced in this research, is inspired by the Deming cycle and aims at continous improvement. A single case study, an interview with a cyber security expert plus an interview with a governance body formed the three-stage evaluation process, which supports the validity and practical usability of the framework.

Schlagwörter

Fachgebiet (DDC)

330 - Wirtschaft

Projekt

Veranstaltung

Startdatum der Ausstellung

Enddatum der Ausstellung

Startdatum der Konferenz

Enddatum der Konferenz

Datum der letzten Prüfung

ISBN

ISSN

Sprache

Englisch

Während FHNW Zugehörigkeit erstellt

Ja

Zukunftsfelder FHNW

Publikationsstatus

Begutachtung

Open Access-Status

Lizenz

Zitation

Steinacher, T. (2019). Cyber Risk Awareness in Small and Medium Enterprises [Hochschule für Wirtschaft FHNW]. https://irf.fhnw.ch/handle/11654/39928

Komplettanzeige