dc.description.abstract | Cybersecurity continues to be a critical concern for businesses worldwide, particularly for Small and Medium-sized Businesses (SMBs) which often lack the resources and expertise to implement robust cybersecurity measures. Understanding the incentives that drive SMBs to invest in cybersecurity is essential for devising strategies and policies that can effectively enhance their cybersecurity posture. This master thesis adopts a qualitative research approach to delve into the factors that influence cybersecurity investments among Norwegian SMBs. The study involved comprehensive interviews with a diverse set of respondents, aiming to explore how different types of incentives influence their decisions to invest in cybersecurity. The research identified five key categories of incentives: economic, normative, historic, network externalities, and feasibility. The most prominent findings were economic incentives, particularly financial rewards, tax incentives, and subsidies, as well as feasibility incentives, specifically practicality, scalability, and sustainability. However, the study also revealed the importance of reputational benefits, lessons learned from past incidents, and societal benefits in influencing cybersecurity investment decisions. | |