This study investigates the impact of bounded rationality on information security decisions in public Swedish authorities. The research addresses how cognitive limitations and organizational dynamics shape decisions in this area. Utilizing qualitative research methods, in-depth interviews and document analysis, the study provides nuanced insights into decision-making processes. A thematic analysis identifies six recurring themes influencing decision-making: Awareness & Knowledge, Individual Characteristics, Organizational Culture & Behavioral Patterns, Organization & Execution, Regulatory Frameworks & Management, Responsibility & Obligation. The findings reveal significant influences and barriers in implementing effective security strategies, making a theoretical contribution to information security management in public sectors. This research highlights the importance of understanding human behavior in information security, offering insights to shape strategic directions for policy and practical implementation to enhance organizational and national cybersecurity resilience.
Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:su-226243 |
Date | January 2024 |
Creators | Malm Wiklund, Oskar, Larsson, Caroline |
Publisher | Stockholms universitet, Företagsekonomiska institutionen |
Source Sets | DiVA Archive at Upsalla University |
Language | English |
Detected Language | English |
Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
Format | application/pdf |
Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.002 seconds