Author: Jarmo Nevala, 12/2018
Title of publication: Cybersecurity situation analysis – Survey in Central Finland 2016-2018
Degree programme: Master’s Degree Program in Information Technology, Cyber Security
Supervisor(s): Kotikoski, Sampo; Karjalainen, Mika
Assigned by: Jyväskylä Educational Consortium (2016), Personal subject (2017, 2018)
The idea for the study arose during work on the project ‘Secondary level cyber‘ (‘Toisen asteen kyber’) for the Jyväskylä Educational Consortium. The goal of the project was to find out what the educational needs of the small and medium enterprises and microenterprises in Central Finland are from the perspective of the secondary level education. The project included a survey for companies and the representatives of the participating schools. After the project, the survey was further developed and repeated. As a result, research data was gained from a three-year study on the cybersecurity of companies in Central Finland.
The survey focused on companies in Central Finland. The main goal was to find out about the state of cybersecurity in companies and the changes occurred in the timeline of three years. The goal was to study how the companies perceive cybersecurity and what kind of challenges they face when implementing procedures to help them to anticipate and survive different cyberthreats and their consequences.
The survey was carried out with an online questionnaire on three consecutive years. After the first year the questionnaire was modified based on the feedback from the respondents. However, the majority of the questions were kept the same so that the results would be comparable. The study was quantitative by nature.
Based on the results, the companies have a clear need to improve cybersecurity. Cybersecurity means recognizing, preventing and preparing for disruptions in the electric and network systems. In the digital era, cybersecurity is a challenge for the companies, as in addition to the hardware and software, also the knowhow and motivation of the personnel has an effect on the cybersecurity of the companies