IT Security Investment Decision by New Zealand Owner-Managers

IT Security Investment Decision by New Zealand Owner-Managers

Radiah Othman (School of Accountancy, Massey University, New Zealand) and Sydney Kanda (7 Eyes Cyber Security Consultants, New Zealand)
DOI: 10.4018/978-1-7998-3149-5.ch014

Abstract

Small businesses employ 29% of New Zealand's private sector workforce and account for more than a quarter of its gross domestic product. Thus, a large-scale attack on small businesses could prove to be catastrophic to the economy. This chapter, which is framed by the protection motivation theory, explores 80 small business owners' IT security decision-making via an online survey. The findings revealed that 21% of small businesses were affected by ransomware. Fifty-one percent of the respondents did not have any anti-malware and none of the respondents used data classification, which means all information was regarded as the same. Since they managed to recover their backup information, they did not perceive the threat of ransomware as imminent. In terms of coping appraisal, it is assumed that if the business owner-managers believe that the capability of IT security investment averts threats in their organizations, they will be more inclined to develop an intention to invest in it.
Chapter Preview
Top

Most businesses rely on computers and IT to the extent that it would be impossible to manage without them. Increasing investment in technological advances is necessary to increase presence, speed in responding to customers’ needs, and leverage on competition in the targeted market. Information has become so prolific that companies have had to change their business models and processes to become more open by introducing multiple touch points for stakeholders and customers wanting to interact with them (Kwok, 2015). This also presents abundant opportunities for unauthorized access and data breaches (Watad, Washah, & Perez, 2018).

Key Terms in this Chapter

Decision-Making: The process that a small business owner-manager undertakes in making the selection of a course of action available.

Malware: A type of software that can cause damage to business information.

Investment: The action of investing or allocating business funding.

Management Accounting: The process and analysis of information, such as cost, by the owner-manager in considering alternatives to achieve strategic goals.

IT Security: The practice of protecting and securing business information using hardware and software.

Encryption: The process of encoding business files and documents to allow only authorized parties to access.

Complete Chapter List

Search this Book:
Reset