Developing a Framework for Measuring Organisational Cyber Resilience Against External and Internal Cyber Threats
MetadataShow full item record
This dissertation empirically examines the level of resilience and readiness for cyber-risks in public sector organisations within the United Arab Emirates (UAE) to provide managers with proactive mechanism to improve the cyber-resilience of their organisations. Moreover, the study aims to synthesize the extant literature and identifies new framework that filling the gaps in the current practices. The importance of this study stemmed from the fact that cyber threats are becoming a significant global concern prompting the importance of developing a reliable resilience mechanism to counter cyber threats and risks in the UAE public sector organisations. Therefore, the study addressed four distinct challenges in order to develop the framework for the UAE; providing tools for the management, accepting the human factors of cyber-security, exploring the correlation between the risks, and examining the moderating effect of organisational resilience on cyber-risk. Using a positivist/realist philosophy and an inductive approach to the data. The quantitative approach was chosen to quantify the attributes of the study variables with a motive to prove the tested hypothesis. A qualitative analysis would not have allowed this unless the same person carried out the later examination. Having a number or percentage gives the manager a clearer picture. This approach has been successfully used in other research into cyber-resilience. The relevant epistemology and ontology for the research are also explained fully in the methodology section. An online questionnaire was used to gather quantitative data from employees in different UAE public sector organisations. Exploratory factor analysis (EFA) and multiple regression analysis were used to analyse 207 variables. The EFA was used to evaluate the underlying factor structure of a correlation matrix, and to build a theory. This helped to identify the latent factors underlying the manifest variables, and the relationships between latent and manifest variables. After the EFA, a multilinear regression analysis was used to further examine the study hypotheses that emerged from the factor analysis. The findings suggest that all the public sector organisations in the UAE have a satisfactory level of resilience to potential cyber-threats. There was a high level of awareness among UAE public sector employees of cyber-threats and risks, which could contribute to readiness and resilience to cyber-threats or attacks. This suggests that there may be a relationship between the level of employee awareness and readiness to deal with cyber-threats, and the organisations’ overall resilience and readiness. This study contributes to the literature on cyber-resilience best practices. It provides organisations in the UAE public sector with a conceptual model to enable them to evaluate and identify potential weaknesses in their readiness for and resilience to cyber-threats. The feedback from the pilot study suggests that the specialists spoken to believe that this is one of the first empirical studies to establish a relationship between the level of employee awareness and readiness to deal with cyber-threats, and the level of organisational resilience and readiness in UAE public sector organisations.
Showing items related by title, author, creator and subject.
The effects of blockchain implementation on Cyber risks mitigating strategies in the financial sector in the United Arab Emirates SAADEH, YASSER MOHAMMED (The British University in Dubai (BUiD), 2018-06)Blockchain technology will be the base of current and future business in all fields, as it allows information to be transferred and updated by network participants in a trustworthy, secure and efficient way. This feature ...
ALSHEHHI, KHALID MOHAMED (The British University in Dubai (BUiD), 2017-10)The cyber security preparedness has turned into a significant element of the business over the years. Due to globalization and the latest advancements, the internet has become a common thing now. However, internet and ...
Aljniebi, Alya (The British University in Dubai (BUiD), 2020-04)The aim of this research is to identify the history of cyber threats and define the cyber security system. Moreover, highlight the human behavior and factor that influencing the security system supported by a qualitative ...