Managing cyber attacks – The construction and organization of corporate digital responsibility in Swedish companies (CODIRES)

A person in black hoodie with the binary code in background.

The project wants to understand the social construction and organisation of digital responsibility of digitally active companies.

Little is known about how companies deal with cyber-attacks and how do roles, obligations, rights, and responsibilities of organizational members evolve in mastering these attacks. The effects of the digital transformation have had however far-reaching effects on society, politics, organizations, and individuals. As a result, both the benefits and risks associated with the emerging digital transformation are increasing. In Sweden, it is said that the annual cost as a result of cyber-attacks for technology companies is SEK 16 billion a year. Other sectors are affected likewise. Major cyber-attacks in Sweden forced, for instance, most Coop's stores to close after a global cyberattack that knocked out the grocery chain’s cash register system. Furthermore, the new European cybersecurity and data protection regulations indicate information and cyber security are an important issue. Against this background, the project aims to investigate how organizations construct and organize the company’s digital responsibility.

Our research results should contribute with new knowledge about how digitally active companies socially construct and develop digital (non-)responsibility. To this end, we no longer view organizations as recipients of societal expectations and regulations or victims of cyber-attacks. We perceive them as creators of digital responsibility. This theoretical shift is important to overcome a static approach to the digital responsibility of companies and to develop a process approach in which organizations can learn from the (un)intended consequences of digital (non-)responsibility and develop a proactive attitude towards digital demands. The results will also benefit governmental agencies and industry organizations who will gain a better understanding of how organizations can effectively manage and prevent cyber-attacks.

The project uses a mix method approach which combines expert interviews about cyber-accidents, a qualitative multi-case study, digital text analysis with further quantitative data from a survey among digitally active companies in Sweden.

A reference group established alongside the project involves other disciplines and secures the perspective of further national and international stakeholders.

Between 2022 and 2024, the project is financed by the Swedish Research Council (project no. 2021-06313). 

Contact Show/Hide content

Publications Show/Hide content

2022

2021

2020

Organisation Show/Hide content