Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate
Title: Prevention of Cyber Security Incidents within the Public Sector - A qualitative case study of two public organizations and their way towards a sustainable cyber climate Authors: Julia Enocson and Linnéa Söderholm Supervisor: Ida Lindgren Keywords: Cyber Security, Incident, Prevention, Public...
Main Authors: | , |
---|---|
Format: | Others |
Language: | English |
Published: |
Linköpings universitet, Informatik
2018
|
Subjects: | |
Online Access: | http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-149300 |
id |
ndltd-UPSALLA1-oai-DiVA.org-liu-149300 |
---|---|
record_format |
oai_dc |
spelling |
ndltd-UPSALLA1-oai-DiVA.org-liu-1493002018-06-30T05:36:38ZPrevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climateengFörebyggandet av cybersäkerhetsincidenter inom offentlig sektor : En kvalitativ fallstudie av två offentliga organisationer och deras väg mot ett hållbart cyber klimatEnocson, JuliaSöderholm, LinnéaLinköpings universitet, InformatikLinköpings universitet, Filosofiska fakultetenLinköpings universitet, InformatikLinköpings universitet, Filosofiska fakulteten2018Cyber SecurityIncidentPreventionPublic SectorIT SecurityInformation SecurityOther Social Sciences not elsewhere specifiedÖvrig annan samhällsvetenskapTitle: Prevention of Cyber Security Incidents within the Public Sector - A qualitative case study of two public organizations and their way towards a sustainable cyber climate Authors: Julia Enocson and Linnéa Söderholm Supervisor: Ida Lindgren Keywords: Cyber Security, Incident, Prevention, Public Sector, IT Security, Information Security Background: In today’s digital environment it has become crucial for organizations to protect themselves against cyber security attacks and incidents. Emerging technologies pose security risks and the number of cyber security incidents are increasing. Within the public sector it is considered as one of the most challenging phenomenons that governments face today, and awareness is limited. However, studies show that a majority of cyber security incidents could have been prevented. In addition, evidence indicates that incidents often occurs due to internal actions, and not external threats. Purpose: The purpose of our study is to identify factors that may impact public organizations’ capability to prevent cyber security incidents, and subsequently how they could work towards maintaining a proactive prevention. Methodology: This study has adopted a qualitative research strategy with the design of a case study of cyber security incident prevention in the public sector, examined through two organizations. In order to collect empirical data, semi-structured interviews were conducted. Conclusion: In this study we have, based on previous literature and empirical data, identified seven influential factors that may be of importance for public organizations to take into consideration when working with cyber security incident prevention. Our findings have subsequently resulted in insights that may inspire public organizations as to how they could work proactively towards preventing incidents. The identified factors revolve around the importance of performing internal and external analyses, defining roles and responsibilities, formulating goals and regulatory documents, educating and communicating to employees, the aspect of organizational culture, and consistent evaluation. How, and to what extent, public organizations work with these factors, indicate the level of preparation to prevent future cyber security incidents. Student thesisinfo:eu-repo/semantics/bachelorThesistexthttp://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-149300application/pdfinfo:eu-repo/semantics/openAccess |
collection |
NDLTD |
language |
English |
format |
Others
|
sources |
NDLTD |
topic |
Cyber Security Incident Prevention Public Sector IT Security Information Security Other Social Sciences not elsewhere specified Övrig annan samhällsvetenskap |
spellingShingle |
Cyber Security Incident Prevention Public Sector IT Security Information Security Other Social Sciences not elsewhere specified Övrig annan samhällsvetenskap Enocson, Julia Söderholm, Linnéa Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate |
description |
Title: Prevention of Cyber Security Incidents within the Public Sector - A qualitative case study of two public organizations and their way towards a sustainable cyber climate Authors: Julia Enocson and Linnéa Söderholm Supervisor: Ida Lindgren Keywords: Cyber Security, Incident, Prevention, Public Sector, IT Security, Information Security Background: In today’s digital environment it has become crucial for organizations to protect themselves against cyber security attacks and incidents. Emerging technologies pose security risks and the number of cyber security incidents are increasing. Within the public sector it is considered as one of the most challenging phenomenons that governments face today, and awareness is limited. However, studies show that a majority of cyber security incidents could have been prevented. In addition, evidence indicates that incidents often occurs due to internal actions, and not external threats. Purpose: The purpose of our study is to identify factors that may impact public organizations’ capability to prevent cyber security incidents, and subsequently how they could work towards maintaining a proactive prevention. Methodology: This study has adopted a qualitative research strategy with the design of a case study of cyber security incident prevention in the public sector, examined through two organizations. In order to collect empirical data, semi-structured interviews were conducted. Conclusion: In this study we have, based on previous literature and empirical data, identified seven influential factors that may be of importance for public organizations to take into consideration when working with cyber security incident prevention. Our findings have subsequently resulted in insights that may inspire public organizations as to how they could work proactively towards preventing incidents. The identified factors revolve around the importance of performing internal and external analyses, defining roles and responsibilities, formulating goals and regulatory documents, educating and communicating to employees, the aspect of organizational culture, and consistent evaluation. How, and to what extent, public organizations work with these factors, indicate the level of preparation to prevent future cyber security incidents. |
author |
Enocson, Julia Söderholm, Linnéa |
author_facet |
Enocson, Julia Söderholm, Linnéa |
author_sort |
Enocson, Julia |
title |
Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate |
title_short |
Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate |
title_full |
Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate |
title_fullStr |
Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate |
title_full_unstemmed |
Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate |
title_sort |
prevention of cyber security incidents within the public sector : a qualitative case study of two public organizations and their way towards a sustainable cyber climate |
publisher |
Linköpings universitet, Informatik |
publishDate |
2018 |
url |
http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-149300 |
work_keys_str_mv |
AT enocsonjulia preventionofcybersecurityincidentswithinthepublicsectoraqualitativecasestudyoftwopublicorganizationsandtheirwaytowardsasustainablecyberclimate AT soderholmlinnea preventionofcybersecurityincidentswithinthepublicsectoraqualitativecasestudyoftwopublicorganizationsandtheirwaytowardsasustainablecyberclimate AT enocsonjulia forebyggandetavcybersakerhetsincidenterinomoffentligsektorenkvalitativfallstudieavtvaoffentligaorganisationerochderasvagmotetthallbartcyberklimat AT soderholmlinnea forebyggandetavcybersakerhetsincidenterinomoffentligsektorenkvalitativfallstudieavtvaoffentligaorganisationerochderasvagmotetthallbartcyberklimat |
_version_ |
1718709118246584320 |