Abstract
Digitalization forces manufacturing companies to shift towards customer-oriented, highly data-driven forms of value creation. This results in a changing IT security risk landscape as data becomes an attractive target for adversaries leading to an increasing number of attacks. In order to successfully protect data, it is essential that it is assessed in an integrated manner. Although IT security and data-based value creation have been studied by large research bodies, the existing literature fails to provide guidance on IT security risk analysis in data-based value chains. To contribute to the closure of this research gap, we propose a modeling approach which allocates different data types to value activities and analyses the data types in relation to the properties of relevant IT security risks. The evaluation, conducted with industry experts, reveals that it is not only a company’s primary assets that are of concern but also less important data types subject to significant levels of exposure that bear considerable IT security risks.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
