Search results

There is a research gap in the explanation of cyber incident response approaches in management to increase cyber maturity for small–medium-size enterprises (SMEs). Therefore, based on the literature analysis, the chapter aims to (1) provide cyber incident response characteristics, (2) show the importance for SMEs, (3) identify cyber incident response feasibility and causal factors, (4) provide scenarios for consideration to create an incident response plan (IRP), and (5) discuss the cyber incident response and managerial approaches in SMEs. The authors used content analysis of scientific and professional articles to develop the theoretical foundation of incident response approaches in management for SMEs. The authors start from the fundamentals to obtain knowledge and understanding of the latest threats and opportunities, and how to defend themselves using the limited capacity of resources might be the starting point to building an extensive incident response capability. Incident response capabilities and maturity levels vary widely between various organisations. There is no simple one-size-fits-all process for incident response; each case is unique and requires continuous refinement. Differentiation and adaptation to different types of SMEs are pivotal to developing cyber maturity and defining requirements that fit the market’s needs and are therefore more efficient in achieving the goal of increasing cyber security (CS) among business management. SMEs may not have a mature IRP, but at least one readiness indicator could lead to the preparation of a mature IRP. Implementation of the secure undertakings and information processes requires using modern information and communication technologies, incident response processes, and other modules that could enhance support for decision-making processes in management. The approach requires a systematic approach to issues related to constructing these solutions. The authors highlight that building efficient incident response approaches in management to improve cyber maturity will begin with infrastructure and people factors.

Rational use of the information available to companies is one of the strategic concerns for both family businesses and non-family businesses. The aim is to make the best use of the information resulting from data analysis in order to gain strategic advantage and to be more competitive as a company in all its functional areas. Experience indicates that emotions play an important role, especially in family businesses. Many maturation models exist to analyze decision-making processes (DMPs), but none from the perspective of family business cognition. The authors start from their own “Circumplex Hierarchical Representation of Organisation Maturity Assessment” (CHROMA) model (Parra, Tort-Martorell, Ruiz-Viñals, & Alvarez-Gomez, 2017), which was created to support decision processes in family businesses. This model was proven successful in the analysis of DMPs in large family businesses. The model was simplified as CHROMA-SHADE (Parra, Tort-Martorell, Ruiz-Viñals, & Alvarez-Gomez, 2019), more adequate for the analysis of small and medium-sized family businesses. Despite being a good DMP analysis instrument, intangible aspects such as family values and emotions have not yet been included. Both entrepreneurial emotions and entrepreneurial cognition must be taken into account when analyzing the DMP of the family business. In this chapter, the authors wish to explore attributes that can be introduced into a new dimension in the CHROMA model in order to make it more specific in the analysis of DMPs of family businesses regardless of size. The resulting FAMILY-CHROMA model represents a specific maturation model to evaluate DMPs based on the use of business information of family businesses.

The Public Sector is usually assumed to have a risk avoidance culture, with a reactive rather than proactive approach towards the management. However, an improved holistic approach seems to be required, especially when considering the complexity and size of the Public Sector, and the challenges it faces to connect the services, clients and the different levels of governance.

Within this chapter, the authors lay out a maturity level evaluation of Governance, Risk Management and Compliance (GRC) within the Maltese Public Sector. Through documentation analysis of the available literature on the subject, the authors determine the principal themes required to develop an effective GRC practice across the Public Sector. The authors then design statements based on the identified GRC themes and administer it using an online survey tool to Public employees across different Ministries, Departments, Agencies and Entities, in order to obtain their perception. This is in order to determine gaps, weaknesses or limiting factors towards the implementation of an effective GRC.

The results show that, although, there is a substantial percentage of scepticism and few disagreements towards some of the statements, especially those which related to Risk Management (RM) and Internal Auditing (IA), the majority of Public Sector bodies do in fact show high standards of GRC practices integrated and present in their day-to-day operations and internal environment, showing that there is a well-developed Governance, Compliance and Control structure and Internal Audit function across the Sector.

However, the perception of participants is that the RM function is the least developed area. IA needs some improvement especially where trust on advice is involved.

This paper explored the relationship between the embeddedness of a firm’s managerial values and corporate financial performance in Swiss small and medium-sized enterprises (SMEs) by developing a conceptual maturity model of managerial values (MM-MV). The MM-MV articulates the extent to which managerial values are embedded within organizations, allowing the analysis of the interrelationship between the degree of values-embeddedness and financial performance in SMEs. The findings suggested that as managerial values become more embedded, financial performance increases; therefore, SMEs exhibiting highly embedded managerial values such as customer-minded, team spirit, innovation-driven reliability, persistency, competency, and engagement tend to financially outperform SMEs that have not fully embedded managerial values throughout the firm.

In the current scenario, cybersecurity issues have emerged to be a major challenge for firms to deal with. The increased use of technologies has increased radically the volume and typology of information produced, exchanged, and managed by firms thus creating conditions for cybersecurity incidents or information breaches. In this situation, it becomes paramount for firms to recognize cybersecurity risks and be prepared to prevent them through the implementation of approaches and technologies able to ensure a high level of protection.

In this chapter, we provide a framework for analyzing and managing cybersecurity risks. We employed a case study strategy to understand how the risk analysis process is carried out within an Information Security company. The study and observations obtained from this case study have permitted to define a framework useful for SME to deal with cybersecurity issues.

Sustainable management requires companies to build up new knowledge to acquire the competencies needed for action. This chapter aims to deliver knowledge about sustainability and knowledge for sustainability. Firstly, we systematically analyse the sustainability literature in the social sciences through a bibliographic analysis and topic modelling using VOSviewer and Mallet software. We outline research directions, themes and critical contributions for each research cluster identified. Additionally, we categorise over 30 definitions of sustainability identified by Meuer, Koelbel, and Hoffmann (2020). Secondly, we enumerate knowledge types needed for effective sustainability transitions of organisations. We trace typologies of sustainable business models and their distinct evaluations of sustainability. In this chapter, we argue that integrating the triad of social, ecological and economic goals is central for sustainability attempts as well as long-term thinking. Therefore, our research offers a comprehensive overview of sustainability in the social sciences supporting researchers and practitioners to navigate this miscellaneous and scattered field. Accordingly, our study is precious to young scholars researching sustainability who want to use the term in an informed and meaningful way.