Business Strategy analysis of Cybersecurity Incidents

Business Strategy analysis of Cybersecurity Incidents

In the current social and economic processes, information and communication services play a decisive role, changing several entities’ operations. The growing dependence that has developed over the last two decades made the security needs introduced political will, which has resulted in an iterative...

Full description

Bibliographic Details
Main Authors: Bederna Zsolt, Rajnai Zoltan, Szadeczky Tamas
Format: Article
Language:English
Published: Sciendo 2021-06-01
Series:Revista Academiei Forţelor Terestre
Subjects:
cybersecurity
cybersecurity capabilities
cybersecurity strategy
Online Access:https://doi.org/10.2478/raft-2021-0020
id doaj-c522c52b33fd4e3da3ffd07853793b88
record_format Article
spelling doaj-c522c52b33fd4e3da3ffd07853793b882021-09-05T14:01:18ZengSciendoRevista Academiei Forţelor Terestre2247-840X2021-06-0126213914810.2478/raft-2021-0020Business Strategy analysis of Cybersecurity IncidentsBederna Zsolt0Rajnai Zoltan1Szadeczky Tamas2Óbuda University, Budapest, HungaryÓbuda University, Budapest, HungaryMasaryk University, Brno, Czech RepublicIn the current social and economic processes, information and communication services play a decisive role, changing several entities’ operations. The growing dependence that has developed over the last two decades made the security needs introduced political will, which has resulted in an iterative evolution of the regulatory environment. Hence, the legal framework requires that several entities develop protection that includes controls enhancing both preventive and reactive in a risk-proportionate manner under the business value to be protected. Nevertheless, due to the nature of cybersecurity, the development of such capabilities is not the task of a single organisation but all entities involved in cyberspace, including, e.g., individuals, non-profit and for-profit organisations, public sector actors. Therefore, each involved entity should design protection capabilities in a risk-proportionate manner, which requires strategic approaches and tools and requires organisations to learn from security incidents. This paper reviews the essential formal security strategy formulation tools, applying in the Facebook’s case based on publicly available information. The analysis aims to confirm the importance of management’s attitude and support for tackling cybersecurity’s challenges.https://doi.org/10.2478/raft-2021-0020cybersecuritycybersecurity capabilitiescybersecurity strategy
collection DOAJ
language English
format Article
sources DOAJ
author Bederna Zsolt
Rajnai Zoltan
Szadeczky Tamas
spellingShingle Bederna Zsolt
Rajnai Zoltan
Szadeczky Tamas
Business Strategy analysis of Cybersecurity Incidents
Revista Academiei Forţelor Terestre
cybersecurity
cybersecurity capabilities
cybersecurity strategy
author_facet Bederna Zsolt
Rajnai Zoltan
Szadeczky Tamas
author_sort Bederna Zsolt
title Business Strategy analysis of Cybersecurity Incidents
title_short Business Strategy analysis of Cybersecurity Incidents
title_full Business Strategy analysis of Cybersecurity Incidents
title_fullStr Business Strategy analysis of Cybersecurity Incidents
title_full_unstemmed Business Strategy analysis of Cybersecurity Incidents
title_sort business strategy analysis of cybersecurity incidents
publisher Sciendo
series Revista Academiei Forţelor Terestre
issn 2247-840X
publishDate 2021-06-01
description In the current social and economic processes, information and communication services play a decisive role, changing several entities’ operations. The growing dependence that has developed over the last two decades made the security needs introduced political will, which has resulted in an iterative evolution of the regulatory environment. Hence, the legal framework requires that several entities develop protection that includes controls enhancing both preventive and reactive in a risk-proportionate manner under the business value to be protected. Nevertheless, due to the nature of cybersecurity, the development of such capabilities is not the task of a single organisation but all entities involved in cyberspace, including, e.g., individuals, non-profit and for-profit organisations, public sector actors. Therefore, each involved entity should design protection capabilities in a risk-proportionate manner, which requires strategic approaches and tools and requires organisations to learn from security incidents. This paper reviews the essential formal security strategy formulation tools, applying in the Facebook’s case based on publicly available information. The analysis aims to confirm the importance of management’s attitude and support for tackling cybersecurity’s challenges.
topic cybersecurity
cybersecurity capabilities
cybersecurity strategy
url https://doi.org/10.2478/raft-2021-0020
work_keys_str_mv AT bedernazsolt businessstrategyanalysisofcybersecurityincidents
AT rajnaizoltan businessstrategyanalysisofcybersecurityincidents
AT szadeczkytamas businessstrategyanalysisofcybersecurityincidents
_version_ 1717810454438346752

Similar Items