Cyberattacker - unika fall eller en möjlighet till lärande? : En kvalitativ fallstudie av den nationella hanteringen av cyberattacker inom Sverige

Sammanfattning: In the last decades the world has become more and more digitalized which has led to a new kind of threat, known as cyberattacks. The statistics show that the amount of attacks are increasing every year even though the increasing experience should help to contain the threat. This creates questions regarding the learning capacity when it comes to cyberattacks.  The aim of this paper is to explore whether or not there has occurred an organizational learning within the Swedish crisis management linked to cyberattacks. By analyzing four different cases of cyberattacks within Sweden and the measures in-between, the paper searches for signs of organizational learning. The analysis uses a theory of organizational learning summarized into three indicators representing different levels of learning; single loop learning, double loop learning and meta learning, which are used to identify the learning.  The thesis finds that there are signs of organizational learning on a shallow as well as on a deep level but that there is a lack of connection between the learning. It is difficult to tell if the learning is based on experience from prior cyberattacks or if there are other influential aspects playing a larger part in the learning process. Further research could focus on finding a more distinct connection within the learning and its origins with the purpose of a better understanding of crisis management linked to cyberattacks.