- Browse/Search the Program
Search
Program Calendar
Browse By Day
Browse By Room
- Information Menu
Search Tips
Virtual Exhibit Hall
- Navigation and Settings Menu
Personal Schedule
Sign In
The Dynamics and Predictors of Repeat and Multiple Victimisation in Business Cybercrime: An Analysis of the UK Cyber Security Breaches Survey
Fri, September 5, 2:00 to 3:15pm, Deree | Auditorium, Floor: 6, 6th Level AuditoriumAbstract
Repeat victimisation (RV) and multiple victimisation (MV) have been extensively studied in offline crimes, yet their dynamics in the context of business cybercrime remain underexplored. This study investigates the prevalence and predictors of RV and MV in UK private businesses, using the Cyber Security Breaches Survey 2024 dataset. The study applies Routine Activity Theory as the theoretical framework to examine how organisational digital routines, cybersecurity strategies and policies influence the likelihood of repeat and multiple cyber victimisation. Using the VIVA framework (Value, Inertia, Visibility, Accessibility), the study evaluates businesses’ target suitability and explores how technical, personal, internal, and external guardianship measures mitigate cyber risks. Although RAT has been applied to cybercrime victimisation, its role in explaining repeat and multiple victimisation in business settings remains underexplored. Thy study employs a quantitative approach, applying bivariate probit regression and hurdle negative binomial models to analyse three dependent variables: (1) the likelihood of experiencing business cybercrime, (2) the likelihood of repeat victimisation, and (3) the number of distinct cyber-attack types suffered by businesses. Findings will contribute to criminological theory by extending RV/MV research to business cybercrime and offering empirical insights into how businesses’ cybersecurity strategies shape their victimisation patterns. By identifying key risk factors and protective measures, the study offers policy-relevant recommendations for targeted cybersecurity interventions. This research advances the understanding of cyber victimisation concentration and prevention, highlighting the need for tailored cybersecurity policies to protect the most vulnerable businesses from persistent threats.