English Abstract
Abstract :
In recent years, the proliferation of cyber attacks has accelerated, affecting the cyber security of various organizations around the world. Organizations have to be ready to combat cyber attacks. There is a lack of comprehensive studies examining the factors impacting the cyber security readiness of organizations. The objective of this research is to examine the different factors affecting the cyber security readiness of organizations and the impact of cyber security readiness on organizational performance. To achieve these objectives, this study adopts the Technology-Organization-Environment (TOE) framework to examine factors affecting the cyber security readiness of organizations at the organizational level. The technological factor is the IT infrastructure. The organizational factors include top management support, organizational skills, and organizational culture. The environmental factors are collaboration with competitors, supplier/partner relationships, government regulations, government support, and industry standards. In addition, the impact of cyber security readiness on security performance and the impact of security performance on financial and non-financial performance are examined.
The study employs a survey study with 270 valid responses from IT professionals in Bahrain to examine the impacts of various factors on an organization's cyber security readiness and how cyber security readiness affects organizational performance. SPSS and AMOS software are utilized to conduct the data analysis.
Overall, the results of the study enhance the current understanding of the salient factors that must be managed to ensure the cyber security readiness of organizations (IT infrastructure, top management support, organizational skills, organizational culture, supplier/partner relationships, government regulations, and industry standards). Two environmental factors, collaboration with competitors and government support, did not significantly positively impact cyber security readiness in this study. Cyber security readiness is positively related to organizational security
performance, while organizational security performance is positively related to financial and non-financial performance.
These findings suggest several practical and theoretical implications for both organizations and researchers. The most significant contribution of this research is a new comprehensive model of factors affecting the cyber security readiness of organizations.
Keywords: Cyber security; readiness; TOE framework; security performance; financial performance; non-financial performance.