Mitigating Ransomware Risks in Manufacturing and the Supply Chain: A Comprehensive Security Framework

Abstract

This study is designed to evaluate the role of Employee Behaviour and Adherence as mediators in the relationship between organisational practices and Comprehensive Security Posture in Saudi organisations in the field of cybersecurity. This study seeks to offer valuable insights into the correlation between technology solutions, staff training, supply chain resilience measures, cooperation practices, and the overall security resilience of enterprises. It does so by analysing the dynamics of ransomware risk mitigation. The study employed a survey-based methodology to collect data from a representative sample of 246 individuals working across different sectors within Saudi enterprises. The survey instrument includes metrics related to employee training and awareness, implementation of technological solutions, measures to enhance supply chain resilience, practices of collaboration and information sharing, employee behaviour and adherence, and comprehensive security posture. The data analysis involves conducting factor loadings, reliability assessments, assessing convergent and discriminant validity, and utilising Structural Equation Modelling (SEM) with Amos to analyse the proposed model and test the study hypotheses. The study findings provide evidence of significant direct and indirect effects, supporting the proposed role of Employee Behaviour and Adherence in the relationships between organisational practices and Comprehensive Security Posture. The study emphasises the substantial influence of employee behaviour on the overall security resilience of enterprises, emphasising the need for a comprehensive approach to reducing ransomware risk that considers both technological and human factors. The study's findings have implications for corporate leaders, cybersecurity professionals, and policymakers tasked with enhancing resilience against ransomware attacks. The study highlights the importance of investing in employee training and fostering a security-conscious organisational culture to improve cybersecurity. To address the practical implications, it is necessary to develop targeted training initiatives and awareness campaigns that enable employees to actively participate in safeguarding the firm's cybersecurity. This study stands out for its comprehensive examination of the role of Employee Behaviour and Adherence in mitigating ransomware risk. It delves deep into the process and offers valuable insights. This study contributes to our understanding of organisational cybersecurity by highlighting the importance of the human factor. It offers new insights that can inform the development of effective cybersecurity solutions. The research stands out for its focus on multiple organisational practices and how they collectively impact security posture.