Key points are not available for this paper at this time.
High-profile incidents, such as the 2019 Capital One data breach and the 2017 Equifax breach, have engendered doubts about firm trustworthiness, resulting in cybersecurity becoming a critical risk factor firms must address. Breaches can precipitate extreme consequences for managers, shareholders and customers of the affected firm. Unsurprisingly, data breaches are the biggest concern of IT leaders. This field study uses a qualitative approach by interviewing C-Level executives and IT consultants. With the use of semi-structured interviews, we investigate cybersecurity concerns and influencers of adoption decisions for cybersecurity. We find that the traditional Technology Organization Environment (TOE) framework does not fully capture the range of issues in the cybersecurity context and therefore propose a new extended TOE framework that is specific to cybersecurity adoption decisions. This extended framework includes new dimensions, cyber catalysts and practice standards, as well as new factors under the traditional dimensions of technology, organization, and environment.
Wallace et al. (Wed,) studied this question.