Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Cyber-threat perception and risk management in the Swedish financial sector
KTH Royal Institute of Technology, Sweden; Swedish Armed Forces Headquarters, Sweden.
KTH Royal Institute of Technology, Sweden; FOI Swedish Defence Research Agency, Sweden.
RISE Research Institutes of Sweden, Digital Systems, Mobility and Systems. KTH Royal Institute of Technology, Sweden.ORCID iD: 0000-0003-2017-7914
2021 (English)In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 105, article id 102239Article in journal (Refereed) Published
Abstract [en]

The financial sector relies heavily on information systems for business. This study sets out to investigate cyber situational awareness in the financial sector in Sweden, by examining what information elements that are needed for a common operational picture, and exploring how key actors perceive cyber-threats. Data was collected through a survey and a series of interviews with key actors in the sector in conjunction with a national level crisis management exercise. The data was then analyzed and contrasted to theory. Conclusions were drawn and results discussed. Finally, possible mitigation actions were suggested. It was found that actors in the Swedish financial sector have a well developed crisis management working concept. However, information about rational adversaries that cause prolonged disturbances is possibly not collected, analyzed and utilized systematically. Much effort is put into ensuring that timely and relevant information from organizations is shared in an efficient manner. The sector perceives cyber-threats against the underlying financial infrastructure, as well as for IT-service availability and data confidentiality, besides financial theft. The sector has particular concerns for the potential of reputational loss due to cyberattacks. There are also special concerns about the insider threat. Respondents agree that riskmanagement has to account for cyber risk. A possible route to enhance risk management practices is to ensure that cyber personnel are integrated in crisis management teams. © 2021

Place, publisher, year, edition, pages
Elsevier Ltd , 2021. Vol. 105, article id 102239
Keywords [en]
Common operational picture, Cyber security, Financial sector, Information assurance, Risk management, Situation awareness, Finance, Human resource management, Information management, Risk perception, Crisis management, Cyber threats, Financial sectors, Key Actors, Risks management, Swedishs
National Category
Information Systems
Identifiers
URN: urn:nbn:se:ri:diva-53044DOI: 10.1016/j.cose.2021.102239Scopus ID: 2-s2.0-85104154982OAI: oai:DiVA.org:ri-53044DiVA, id: diva2:1557257
Note

Funding details: Försvarsmakten; Funding text 1: This work was partially funded by the Swedish Armed Forces. We would like to thank the Swedish financial sector’s private-public partnership, FSPOS, and Josefine Rosén, 4C Strategies, for assistance in conjunction with the data collection phase, as well as all the survey respondents and interviewees.

Available from: 2021-05-25 Created: 2021-05-25 Last updated: 2023-06-08Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Franke, Ulrik

Search in DiVA

By author/editor
Franke, Ulrik
By organisation
Mobility and Systems
In the same journal
Computers & security (Print)
Information Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 278 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf