Litcius/Paper detail

When traditional SME managers encounter cybersecurity: Discourse analysis of opportunities and dilemmas in meeting the demands

Yang Hoong, Davar Rezania, Ron Baker

2024Technology in Society10 citationsDOIOpen Access PDF

Abstract

Grounded in a socio-technical systems governance framework, we explore the perceptions and strategies of SME managers and cybersecurity providers within the cybersecurity landscape. Addressing the gap in understanding of how cybersecurity governance takes place in the Canadian SME landscape, Interviews were conducted with 35 SME representatives and 11 cybersecurity providers and analyzed using discourse analysis. The results highlight four critical themes in this socio-technical transition: initial conditions, SME business model discourse, cybersecurity provider business model discourse, and transition outcomes. The transition underpins a mode of governance, blending elements of oligopoly and self-regulation, characterized by the dominance of key cybersecurity firms and a more facilitative role of state actors. A novel conceptual model emerges from the study, explicating the transition in SME institutional logics from a traditional ‘legacy logic’ towards an integrated cybersecurity approach. This transition is shaped by the principal-agent disconnect and moderated by SME and cybersecurity provider business model discourses.

Topics & Concepts

Corporate governanceTransition (genetics)Dominance (genetics)Critical discourse analysisPublic relationsBusinessState (computer science)Grounded theoryComputer securityKnowledge managementProcess managementPolitical scienceSociologyComputer scienceQualitative researchPoliticsFinanceLawChemistryGeneSocial scienceAlgorithmBiochemistryIdeologyInformation and Cyber SecurityInformation Systems Theories and ImplementationCybersecurity and Cyber Warfare Studies