University of Twente Student Theses
Cyber Security Maturity in European Startup Enterprises : An Empirical Investigation
Pröschold, David (2025) Cyber Security Maturity in European Startup Enterprises : An Empirical Investigation.
|
PDF
5MB |
| Abstract: | Cyber security research has been on the rise in recent years because of the growing use of Information and Communication Technology across all business sectors. However, cyber security maturity in small and emerging, especially startup enterprises are under-explored. In this research project we review existing research and find out where current research is directed at and what it is missing. We find there are no cross sectional studies on European startup enterprises focusing on cyber security maturity. Also, current studies struggle to define cyber security maturity indications that are easily quantifiable. Through a systematic literature review we create a though model of influences and define a construct of cyber security maturity. In the following cross sectional study we aim to answer what the main drivers for startup enterprises to invest in cyber security maturity are and how more mature enterprises are characterized. We simultaneously collect similar data on enterprises listed in the S&P500 stock index to compare startups with mature enterprises. To measure the cyber security maturity in enterprises we measure ISO27001 and SOC certificates, C-level commitment to cyber security and publicly observable parts of their IT-infrastructure. We find startups operating in the financial, technical and scientific areas, achieve higher levels of cyber security maturity more commonly. Received funding and the popularity of an enterprises’ website appear to be linked closely to an enterprises’ investment in cyber security. It seems that startup enterprises are in parts more mature than suggested by the literature. We find differences in maturity across European countries and business sectors. The main difference between startup enterprises and the S&P 500 is the bigger presence of C-level management commitment towards cyber security maturity in the S&P. |
| Item Type: | Essay (Master) |
| Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
| Programme: | Business Information Technology MSc (60025) |
| Link to this item: | https://purl.utwente.nl/essays/104969 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page