Cybersecurity Governance – An Adapted Practical Framework for Small Enterprises

Date

2023-01-03

Contributor

Advisor

Department

Instructor

Depositor

Speaker

Researcher

Consultant

Interviewer

Narrator

Transcriber

Annotator

Journal Title

Journal ISSN

Volume Title

Publisher

Volume

Number/Issue

Starting Page

5928

Ending Page

Alternative Title

Abstract

Digitalization is advancing and the associated risks are a strategic task for enterprises of all sizes. One risk area to which small businesses often do not pay enough attention are cyber risks. Often, the governance of cyber risks is not embedded at the owner or management level. However, it is important to evaluate, direct and monitor cyber risk mitigation activities by a company's leaders or its owner. A ´cybersecurity governance framework´ for small enterprises was developed and validated by applying Design Science Research. The framework focuses on criteria that are essential for small businesses, such as simplicity of understanding and ease of use (both for non-experts). Six principles identified relevant build the common thread of the framework, which guides the main activities to be implemented: 'responsibility', 'strategy', 'cybersecurity threats and risks', 'development and change', 'conformance' and 'people, skills and competencies'.

Description

Keywords

IT Governance and its Mechanisms, cybersecurity, frameworks, governance, guideline, small enterprises

Citation

Extent

10

Format

Geographic Location

Time Period

Related To

Proceedings of the 56th Hawaii International Conference on System Sciences

Related To (URI)

Table of Contents

Rights

Attribution-NonCommercial-NoDerivatives 4.0 International

Rights Holder

Local Contexts

Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.