Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

Business Strategy analysis of Cybersecurity Incidents

Business Strategy analysis of Cybersecurity Incidents AbstractIn the current social and economic processes, information and communication services play a decisive role, changing several entities’ operations. The growing dependence that has developed over the last two decades made the security needs introduced political will, which has resulted in an iterative evolution of the regulatory environment. Hence, the legal framework requires that several entities develop protection that includes controls enhancing both preventive and reactive in a risk-proportionate manner under the business value to be protected. Nevertheless, due to the nature of cybersecurity, the development of such capabilities is not the task of a single organisation but all entities involved in cyberspace, including, e.g., individuals, non-profit and for-profit organisations, public sector actors. Therefore, each involved entity should design protection capabilities in a risk-proportionate manner, which requires strategic approaches and tools and requires organisations to learn from security incidents. This paper reviews the essential formal security strategy formulation tools, applying in the Facebook’s case based on publicly available information. The analysis aims to confirm the importance of management’s attitude and support for tackling cybersecurity’s challenges. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png Land Forces Academy Review de Gruyter

Business Strategy analysis of Cybersecurity Incidents

Loading next page...
 
/lp/de-gruyter/business-strategy-analysis-of-cybersecurity-incidents-U0XOh3nhA1

References (23)

Publisher
de Gruyter
Copyright
© 2021 Zsolt Bederna et al., published by Sciendo
eISSN
2247-840X
DOI
10.2478/raft-2021-0020
Publisher site
See Article on Publisher Site

Abstract

AbstractIn the current social and economic processes, information and communication services play a decisive role, changing several entities’ operations. The growing dependence that has developed over the last two decades made the security needs introduced political will, which has resulted in an iterative evolution of the regulatory environment. Hence, the legal framework requires that several entities develop protection that includes controls enhancing both preventive and reactive in a risk-proportionate manner under the business value to be protected. Nevertheless, due to the nature of cybersecurity, the development of such capabilities is not the task of a single organisation but all entities involved in cyberspace, including, e.g., individuals, non-profit and for-profit organisations, public sector actors. Therefore, each involved entity should design protection capabilities in a risk-proportionate manner, which requires strategic approaches and tools and requires organisations to learn from security incidents. This paper reviews the essential formal security strategy formulation tools, applying in the Facebook’s case based on publicly available information. The analysis aims to confirm the importance of management’s attitude and support for tackling cybersecurity’s challenges.

Journal

Land Forces Academy Reviewde Gruyter

Published: Jun 1, 2021

Keywords: cybersecurity; cybersecurity capabilities; cybersecurity strategy

There are no references for this article.