Cyber Security Risk Assessments, Compliance and Violations: A Systematic Review of The Intervening Role of Top Management in Organizations

ABSTRACT:

Study on how managers respond to cyber security breaches has focused on exterior activities, such as customer service and crisis management. An internal breach inside the organisation might indicate more severe challenges, and a narrow emphasis on addressing immediate issues with technological solutions and controls may impede the implementation of broader managerial measures to guarantee future cyber security. Information Security Risk Assessments (ISRA) may help uncover further exposures after a breach in order to accomplish this objective. Information Systems (IS) research lacks sufficient theoretical exploration of this function and lacks empirical evidence to support it. According to research, when business-level data is analyzed, it has been shown that substantial breach expenses may result in more focus on cyber security by the Top Management Team (TMT) and enhance the probability of the firm doing an Information Security Risk Assessment (ISRA). Moreover, TMT's emphasis on cyber security assists in mitigating the correlation in the middle of breach expenses which correlates to the resolution for a comprehensive ISRA chore. Top Management Team has the ability to allocate funds for the Integrated Strategic Resource Allocation of the organization.

Keywords: Information Systems, Cyber Security, Information Security Risk Assessments, Top Management Team.