Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate

Title: Prevention of Cyber Security Incidents within the Public Sector - A qualitative case study of two public organizations and their way towards a sustainable cyber climate Authors: Julia Enocson and Linnéa Söderholm Supervisor: Ida Lindgren Keywords: Cyber Security, Incident, Prevention, Public...

Full description

Bibliographic Details
Main Authors: Enocson, Julia, Söderholm, Linnéa
Format: Others
Language:English
Published: Linköpings universitet, Informatik 2018
Subjects:
Online Access:http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-149300
id ndltd-UPSALLA1-oai-DiVA.org-liu-149300
record_format oai_dc
spelling ndltd-UPSALLA1-oai-DiVA.org-liu-1493002018-06-30T05:36:38ZPrevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climateengFörebyggandet av cybersäkerhetsincidenter inom offentlig sektor : En kvalitativ fallstudie av två offentliga organisationer och deras väg mot ett hållbart cyber klimatEnocson, JuliaSöderholm, LinnéaLinköpings universitet, InformatikLinköpings universitet, Filosofiska fakultetenLinköpings universitet, InformatikLinköpings universitet, Filosofiska fakulteten2018Cyber SecurityIncidentPreventionPublic SectorIT SecurityInformation SecurityOther Social Sciences not elsewhere specifiedÖvrig annan samhällsvetenskapTitle: Prevention of Cyber Security Incidents within the Public Sector - A qualitative case study of two public organizations and their way towards a sustainable cyber climate Authors: Julia Enocson and Linnéa Söderholm Supervisor: Ida Lindgren Keywords: Cyber Security, Incident, Prevention, Public Sector, IT Security, Information Security Background: In today’s digital environment it has become crucial for organizations to protect themselves against cyber security attacks and incidents. Emerging technologies pose security risks and the number of cyber security incidents are increasing. Within the public sector it is considered as one of the most challenging phenomenons that governments face today, and awareness is limited. However, studies show that a majority of cyber security incidents could have been prevented. In addition, evidence indicates that incidents often occurs due to internal actions, and not external threats. Purpose: The purpose of our study is to identify factors that may impact public organizations’ capability to prevent cyber security incidents, and subsequently how they could work towards maintaining a proactive prevention. Methodology: This study has adopted a qualitative research strategy with the design of a case study of cyber security incident prevention in the public sector, examined through two organizations. In order to collect empirical data, semi-structured interviews were conducted. Conclusion: In this study we have, based on previous literature and empirical data, identified seven influential factors that may be of importance for public organizations to take into consideration when working with cyber security incident prevention. Our findings have subsequently resulted in insights that may inspire public organizations as to how they could work proactively towards preventing incidents. The identified factors revolve around the importance of performing internal and external analyses, defining roles and responsibilities, formulating goals and regulatory documents, educating and communicating to employees, the aspect of organizational culture, and consistent evaluation. How, and to what extent, public organizations work with these factors, indicate the level of preparation to prevent future cyber security incidents. Student thesisinfo:eu-repo/semantics/bachelorThesistexthttp://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-149300application/pdfinfo:eu-repo/semantics/openAccess
collection NDLTD
language English
format Others
sources NDLTD
topic Cyber Security
Incident
Prevention
Public Sector
IT Security
Information Security
Other Social Sciences not elsewhere specified
Övrig annan samhällsvetenskap
spellingShingle Cyber Security
Incident
Prevention
Public Sector
IT Security
Information Security
Other Social Sciences not elsewhere specified
Övrig annan samhällsvetenskap
Enocson, Julia
Söderholm, Linnéa
Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate
description Title: Prevention of Cyber Security Incidents within the Public Sector - A qualitative case study of two public organizations and their way towards a sustainable cyber climate Authors: Julia Enocson and Linnéa Söderholm Supervisor: Ida Lindgren Keywords: Cyber Security, Incident, Prevention, Public Sector, IT Security, Information Security Background: In today’s digital environment it has become crucial for organizations to protect themselves against cyber security attacks and incidents. Emerging technologies pose security risks and the number of cyber security incidents are increasing. Within the public sector it is considered as one of the most challenging phenomenons that governments face today, and awareness is limited. However, studies show that a majority of cyber security incidents could have been prevented. In addition, evidence indicates that incidents often occurs due to internal actions, and not external threats. Purpose: The purpose of our study is to identify factors that may impact public organizations’ capability to prevent cyber security incidents, and subsequently how they could work towards maintaining a proactive prevention. Methodology: This study has adopted a qualitative research strategy with the design of a case study of cyber security incident prevention in the public sector, examined through two organizations. In order to collect empirical data, semi-structured interviews were conducted. Conclusion: In this study we have, based on previous literature and empirical data, identified seven influential factors that may be of importance for public organizations to take into consideration when working with cyber security incident prevention. Our findings have subsequently resulted in insights that may inspire public organizations as to how they could work proactively towards preventing incidents. The identified factors revolve around the importance of performing internal and external analyses, defining roles and responsibilities, formulating goals and regulatory documents, educating and communicating to employees, the aspect of organizational culture, and consistent evaluation. How, and to what extent, public organizations work with these factors, indicate the level of preparation to prevent future cyber security incidents.
author Enocson, Julia
Söderholm, Linnéa
author_facet Enocson, Julia
Söderholm, Linnéa
author_sort Enocson, Julia
title Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate
title_short Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate
title_full Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate
title_fullStr Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate
title_full_unstemmed Prevention of Cyber Security Incidents within the Public Sector : A qualitative case study of two public organizations and their way towards a sustainable cyber climate
title_sort prevention of cyber security incidents within the public sector : a qualitative case study of two public organizations and their way towards a sustainable cyber climate
publisher Linköpings universitet, Informatik
publishDate 2018
url http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-149300
work_keys_str_mv AT enocsonjulia preventionofcybersecurityincidentswithinthepublicsectoraqualitativecasestudyoftwopublicorganizationsandtheirwaytowardsasustainablecyberclimate
AT soderholmlinnea preventionofcybersecurityincidentswithinthepublicsectoraqualitativecasestudyoftwopublicorganizationsandtheirwaytowardsasustainablecyberclimate
AT enocsonjulia forebyggandetavcybersakerhetsincidenterinomoffentligsektorenkvalitativfallstudieavtvaoffentligaorganisationerochderasvagmotetthallbartcyberklimat
AT soderholmlinnea forebyggandetavcybersakerhetsincidenterinomoffentligsektorenkvalitativfallstudieavtvaoffentligaorganisationerochderasvagmotetthallbartcyberklimat
_version_ 1718709118246584320