Factors Effecting Cyber Incident Occurrence: Mediating Role of Cyber IncidentReporting Mechanism

Abstract

The issue of Cyber security is of utmost importance for organisations, given that the presence of Cyber Incident occurrence presents significant vulnerabilities to the integrity and confidentiality of data. The present study aims to examine the factors that contribute to Cyber Incident occurrence and evaluate the efficacy of Cyber incident reporting mechanisms in mitigating such threats within a range of Saudi organisations. The study utilises quantitative methods to thoroughly investigate the phenomenon of cyber incident occurrence. Data was collected from a sample of 219 employees who held various positions and worked in different departments. Data was analyzed using Structural Equation Modelling (SEM) with Amos. The measurement instrument underwent thorough evaluation to establish its reliability and validity, thereby ensuring the credibility of the collected data. The study's results demonstrate multiple noteworthy direct and indirect impacts. The relationship between "Employee Training and Awareness," "Access Control & Monitoring," and "Insider Threat Detection & Reporting" indirectly influences the occurrence of Cyber incidents mediated by Cyber Incident Reporting Mechanisms. These findings highlight the significance of implementing effective reporting mechanisms to mitigate the frequency of Cyber incidents. The mediation effect of "Cyber Incident Reporting Mechanisms" is not supported in relation to "Organisational Innovativeness Culture" and "Employee Satisfaction." These findings demonstrate the intricate nature of these connections, suggesting that the presence of an innovative culture and high employee satisfaction may not directly influence the occurrence of Cyber incidents when reporting mechanisms are taken into account. The study also conducts a thorough evaluation of the measurement model fit, which indicates a strong fit across multiple indices, confirming the high quality and reliability of the measurement instrument. In conclusion, this study provides insights into the complex nature of Cyber Incident occurrence within Saudi organisations. This emphasises the importance of "Cyber Incident Reporting Mechanisms" in mitigating these threats and underscores the necessity for organisations to invest in employee training, access control, monitoring, and robust insider threat detection and reporting systems to enhance Cyber security. These insights offer valuable guidance for organisations seeking to protect their data and uphold a secure work environment amidst changing Cyber Incident occurrence.