Investigating the Factors that Affect the Adoption of Cybersecurity Data Visualization Applications Within Organizational Context: An Application of the T-O-E Framework

Abstract

Cybersecurity visualization (VizSec) tools have emerged as critical enablers for organizations to detect, interpret, and respond to increasingly complex cyber threats. Despite their potential, the adoption and effective use of these tools remain inconsistent across industries. This dissertation examines the determinants of VizSec adoption through the application of the Technology-Organization-Environment (TOE) framework; and the effect of its adoption on organizational performance thereafter. Mixed-method approach was used in this study to provide an in-depth understanding of quantitative and qualitative results. During the quantitative step, a survey of 230 cybersecurity professionals and decision-makers in various industries was used to gather data and analyzed using Partial Least Squares Structural Equation Modeling (PLS-SEM). The qualitative stage was based on 14 semi-structured interviews, conducted with the help of the six-phase thematic analysis of Braun and Clarke, in order to render the lived experiences and the practical knowledge of the participants. The results show that the most powerful drivers of adoption are technological determinants, especially ease of use, lesser complexity, and compatibility with the already existing infrastructure. Influencing factors include organizational aspects, comprising of top management support, financial and human resources, as well as the organizational ability to learn, without which the value of VizSec is constrained due to the lack of skilled professionals. Environmental factors were considered key determinants, whereas competitive pressure had a small influence. Notably, the research proved the mediating effects of Security Data Visualization (SDV) between factors of the TOE and organizational performance. Adoption of VizSec was found to have a high level of customer satisfaction, financial performance, innovation and agility within the organization. Theoretically, this research contributes by generalizing the use of the TOE framework in the space of cybersecurity visualization and introduces SDV as a mediating construct to redefine organizational and environmental variables in this sense. In practice, the study provides a roadmap on how organisations can get the best out of VizSec through strategic investments, enhancing compliance, developing skilled human capital, and establishing vendor relationships.