Return to search

Development of a guideline for cybersecurity awareness-raising in large Swedish public organizations : A design science project

Technological advancement has significantly impacted people and organizations during the last decade. Society is exposed to an increasing rate of cyber-attacks utilizing sophisticated tools to accomplish their objectives. Previously attackers’ primary focus was exploiting technological vulnerabilities to access organizations’ information; however, attackers have shifted their focus to exploiting the vulnerabilities in people’s human nature instead. This has resulted in organizations acknowledging that technical security measures alone are insufficient in providing adequate protection for organizations and need to invest in mitigating the risk people pose to an organization’s cybersecurity. Thus realizing the need to address cybersecurity’s social-technical nature. Organizations have begun implementing cybersecurity awareness-raising initiatives to increase people’s cybersecurity awareness to reduce human-instigated breaches. This is especially crucial for organizations in the public sector to achieve because they tend to produce more destructive and widespread repercussions to society. To provide organizations in the public sector with the means to achieve good cybersecurity awareness, this thesis aims to develop a guideline for managers in large Swedish public organizations to assist them in their complex cybersecurity awareness-raising endeavors. The thesis employs a design science research strategy to develop, evaluate, and validate the guideline with the assistance of cybersecurity awareness experts. The results show six principal factors have been established as significant for raising cybersecurity awareness in large Swedish public organizations. These factors range from user-oriented, managerial, and technical, supporting the assertion that cybersecurity is a complex socio-technical matter. The key contribution of this thesis is to introduce a highly abstract guideline to enhance large Swedish public organizations’ cybersecurity awareness efforts.

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:his-22898
Date January 2023
CreatorsBurvall, Felicia
PublisherHögskolan i Skövde, Institutionen för informationsteknologi
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.002 seconds