Demystifying analytical information processing capability: The case of cybersecurity incident response

摘要

Little is known about how organizations leverage business analytics (BA) to develop, process, and exploit analytical information in cybersecurity incident response (CSIR). Drawing on information processing theory (IPT), we conducted a field study using a multiple case study design to answer the following research question: How do organizations exploit analytical information in the process of cybersecurity incident response by using business analytics? We developed a theoretical framework that explains how organizations respond to the dynamic cyber threat environment by exploiting analytical information processing capability in the CSIR process. This, in turn, leads to positive outcomes in enterprise security performance, delivering both strategic and financial benefits. Our findings contribute to the BA and cybersecurity literature by providing useful insights into BA applications and the facilitation of analytics-driven decision making in CSIR. Further, they contribute to IPT by providing new insights about analytical information needs, mechanisms to seek analytical information, and analytical information use in the process of CSIR.