University of Twente Student Theses


Develop and adopt the organizational cybersecurity culture in the Covid-19 teleworking scenario

Niu, Z. (2022) Develop and adopt the organizational cybersecurity culture in the Covid-19 teleworking scenario.

[img] PDF
Abstract:Since the outbreak of the Covid-19 virus, governments throughout Europe have been implementing work-from-home (WFH) suggestions to prevent the spread of the virus and safeguard the safety of individuals. Meanwhile, cyber-attacks utilizing the virus outbreak as the bait has started to appear, which has had a detrimental effect globally on the overall functioning of businesses. In the face of the Dutch WFH regulation and the prevalence of cyber-attacks world widely, Hanshow Netherlands B.V, an overseas branch of an international company that landed in the Netherlands in 2019, has gradually realized the importance of cybersecurity as well as teleworking management. With this, the company's top management initiated an assessment of the company's cybersecurity readiness, established a teleworking guideline, and a plan to foster an organizational cybersecurity culture. As an overseas small and medium-sized technology enterprise, it was a long and difficult challenge for Hanshow Netherlands B.V to develop employees' awareness of cybersecurity, improve teleworking initiatives, maintain customer endpoint information, and ultimately develop an organizational cybersecurity culture. This master's thesis aims to design and evaluate a model that helps small and medium-sized technology companies establish an organizational cybersecurity culture. The case of Hanshow Netherlands B.V served as the foundation for the design and evaluation of this model. However, we expect the model to be relevant and valuable for contexts well beyond Hanshow. By collecting anonymous questionnaires from all Hanshow Netherlands B.V employees, this thesis first assessed the company's current cybersecurity readiness, teleworking attitude, and cybersecurity awareness. These three dimensions were chosen because of their importance for the empirical research on the topic of organizational cybersecurity culture. It is noticeable that Hanshow was exposed to risks and cyber-attacks during the epidemic. After comprehending the current state of Hanshow, this thesis evaluates two previously published models (Huang & Pearlson, 2019; Alshaikh, 2020) on related topics to target two phases (1) The phase of establishing a cybersecurity culture; (2) The phase of enhancing and implementing a cybersecurity culture. After combining the cultural characteristics of Hanshow, a model for establishing a cybersecurity culture in small and medium-sized businesses is proposed. In order to verify the model's feasibility, operability, and practicability, this paper also conducts an expert evaluation. The model presented in this thesis explains how to develop organizational cybersecurity culture and the components that contribute to its formation. The proposed model is based on Hanshow's cybersecurity culture status, which categorized five practical categories for building organizational and individual cybersecurity initiatives. In the long run, this model can help organizations go beyond minimum compliance standards to create functional cyber security cultures and serve as a reference for other SMEs seeking corporate cybersecurity culture advice
Item Type:Essay (Master)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science MSc (60300)
Link to this item:
Export this item as:BibTeX
HTML Citation
Reference Manager


Repository Staff Only: item control page