ABSTRACT The purpose of this paper is to analyze how IT and cyber risks are currently perceived by companies. These risks may have critical impacts on the protection of organizational… Click to show full abstract
ABSTRACT The purpose of this paper is to analyze how IT and cyber risks are currently perceived by companies. These risks may have critical impacts on the protection of organizational value creation in many industries. We developed a qualitative study, using a grounded-theory approach, involving European organizations. We elaborated the data through a fuzzy set Qualitative Comparative Analysis (fsQCA). The findings reveal that companies rely mainly on risk mitigation measures, showing little awareness about what these threats are. However, the fsQCA correlates an effective protection of value creation to an holistic IT and cyber risk management, together with a thorough cross-functional communication.
               
Click one of the above tabs to view related content.