Security, awareness and corporate social responsibility: an ethical model for risk management and regulatory compliance

N. Barbuzzi; G. Fontana
2025-01-01

Abstract

The European regulatory momentum, combined with the growing sophistication of cyber threats, is driving companies to conduct an in-depth evaluation of their risk management strategies and regulatory compliance frameworks. In this context, security awareness and corporate social responsibility (CSR) emerge as strategic pillars for developing an integrated risk management model. This model not only emphasizes data protection but also strengthens ethical commitments and fosters trust between the company and its stakeholders. The proposed study introduces a framework designed to promote a cybersecurity culture centered on real-time risk exposure monitoring and proactive vulnerability assessment. However, this approach requires a delicate balance between technological innovation and social responsibility to ensure that a data-centric focus does not devolve into a purely technical management approach. Instead, it should support decision-making processes that reflect the organization’s commitment to ethical and inclusive security practices. The model aims to enhance organizational resilience, enabling companies not only to defend against threats but also to strengthen transparency and trust. These elements are essential to maintaining high CSR standards and fostering a sustainable, responsible, and secure corporate culture.
2025
RGPD, AI Act, Data Act, NIS2, DORA, personal data, data processing, control system, privacy, accountability, security awareness, corporate social responsibility, ISO/IEC 27001

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.12607/59762