Assessment of Cybersecurity in Organizations: An Empirical Study of Czech and Slovak Organizations

Abstract

The purpose of this research is to evaluate how companies approach cybersecurity, which measures the companies set, and how it is reflected in relation to organizational learning. A questionnaire was distributed electronically among 124 IT and IS professionals working in companies based in the Czech and Slovak Republic. Hypotheses were tested using the chi-square test of independence, the Mann–Whitney U test, and the Pearson correlation coefficient. The results depict that cybersecurity is a fundamental topic for most companies. Unless companies declare the importance of cybersecurity, they do not tend to set and use security rules unless they are not under security laws. Research shows that costs for cybersecurity are variable, not fixed, and are in correlation with the size of the company and the turnover.The purpose of this research is to evaluate how companies approach cybersecurity, which measures the companies set, and how it is reflected in relation to organizational learning. A questionnaire was distributed electronically among 124 IT and IS professionals working in companies based in the Czech and Slovak Republic. Hypotheses were tested using the chi-square test of independence, the Mann–Whitney U test, and the Pearson correlation coefficient. The results depict that cybersecurity is a fundamental topic for most companies. Unless companies declare the importance of cybersecurity, they do not tend to set and use security rules unless they are not under security laws. Research shows that costs for cybersecurity are variable, not fixed, and are in correlation with the size of the company and the turnover.