The effect of environmental turbulence on cyber security risk management and organizational resilience

Abstract

Even though there is a plethora of research on the role of environmental turbulence in organizational performance in general, little attention has been paid to the effect of environmental turbulence on cyber security risk management and further - organizational resilience. Drawing on the resource-based view and contingency theory, this study investigates how technological and market turbulence influence organizational cyber security risk management (CSRM) and then organizational resilience. Using a data set from 150 European companies, the study findings show how the two types of turbulence have different effects on CSRM in the companies studied. Technological turbulence directly impacts the firms’ cyber security risk maturity while market turbulence has a direct positive affect on firms’ cyber security risk perception. The study also determines the interplay between risk perception and risk maturity and subsequent resilience.