Corporate digital responsibility - Managing cyberattacks in Swedish companies (CODIRES)

A person in black hoodie with the binary code in background.

The project wants to understand the social construction and organisation of digital responsibility of digitally active companies.

Little is known about how companies deal with cyber-attacks and how do roles, obligations, rights, and responsibilities of organizational members evolve in mastering these attacks. The effects of the digital transformation have had however far-reaching effects on society, politics, organizations, and individuals. As a result, both the benefits and risks associated with the emerging digital transformation are increasing. In Sweden, it is said that the annual cost as a result of cyber-attacks for technology companies is SEK 16 billion a year. Other sectors are affected likewise. Major cyber-attacks in Sweden forced, for instance, most Coop's stores to close after a global cyberattack that knocked out the grocery chain’s cash register system. Furthermore, the new European cybersecurity and data protection regulations indicate information and cyber security are an important issue. Against this background, the project aims to investigate how organizations construct and organize the company’s digital responsibility.

Our research results should contribute with new knowledge about how digitally active companies socially construct and develop digital (non-)responsibility. To this end, we no longer view organizations as recipients of societal expectations and regulations or victims of cyber-attacks. We perceive them as creators of digital responsibility. This theoretical shift is important to overcome a static approach to the digital responsibility of companies and to develop a process approach in which organizations can learn from the (un)intended consequences of digital (non-)responsibility and develop a proactive attitude towards digital demands. The results will also benefit governmental agencies and industry organizations who will gain a better understanding of how organizations can effectively manage and prevent cyber-attacks.

The project uses a mix method approach which combines expert interviews about cyber-accidents, a qualitative multi-case study, digital text analysis with further quantitative data from a survey among digitally active companies in Sweden.

A reference group established alongside the project involves other disciplines and secures the perspective of further national and international stakeholders.

Between 2022 and 2024, the project is financed by the Swedish Research Council (project no. 2021-06313). 




Josefine Rasmussen, Mikael Ottosson, Henrik Nehler, Andrea Fried (2024) CONSENSYS: Controllern - en outforskad aktör i omställningen mot hållbara energisystem: Resultat och praktiska implikationer


Svjetlana Pantic-Dragisic, Frida Pemer (2023) Working Betwixt And Between: Virtual Teamwork In Management Consulting
Svjetlana Pantic-Dragisic, Frida Pemer (2023) Professional Identity Formation: Exploring the Effects of Covid-19 on Management Consulting Firms Professional Identity Formation: Exploring the Effects of Covid-19 on Management Consulting Firms
Janet Johansson, Andrea Fried (2023) Introducing the philosophy of hope to restore the power of imagination in utopian and dystopian discourses in organization research
Arne Jönsson, Subhomoy Bandyopadhyay, Svjetlana Pantic-Dragisic, Andrea Fried (2023) Analyses of information security standards on data crawled from company web sites using SweClarin resources CLARIN Annual Conference Proceedings: 2023