Cybersecurity Governance – An Adapted Practical Framework for Small Enterprises

Date
2023-01-03
Authors
Asprion, Petra
Gossner, Patrick
Schneider, Bettina
Contributor
Advisor
Department
Instructor
Depositor
Speaker
Researcher
Consultant
Interviewer
Annotator
Journal Title
Journal ISSN
Volume Title
Publisher
Volume
Number/Issue
Starting Page
5928
Ending Page
Alternative Title
Abstract
Digitalization is advancing and the associated risks are a strategic task for enterprises of all sizes. One risk area to which small businesses often do not pay enough attention are cyber risks. Often, the governance of cyber risks is not embedded at the owner or management level. However, it is important to evaluate, direct and monitor cyber risk mitigation activities by a company's leaders or its owner. A ´cybersecurity governance framework´ for small enterprises was developed and validated by applying Design Science Research. The framework focuses on criteria that are essential for small businesses, such as simplicity of understanding and ease of use (both for non-experts). Six principles identified relevant build the common thread of the framework, which guides the main activities to be implemented: 'responsibility', 'strategy', 'cybersecurity threats and risks', 'development and change', 'conformance' and 'people, skills and competencies'.
Description
Keywords
IT Governance and its Mechanisms, cybersecurity, frameworks, governance, guideline, small enterprises
Citation
Extent
10
Format
Geographic Location
Time Period
Related To
Proceedings of the 56th Hawaii International Conference on System Sciences
Table of Contents
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International
Rights Holder
Local Contexts
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.