Skip navigation

Navigating cybersecurity: environment’s impact on standards adoption and board involvement

Navigating cybersecurity: environment’s impact on standards adoption and board involvement

Arroyabe, Marta F. ORCID logoORCID: https://orcid.org/0000-0003-3223-0268, Arranz, Carlos F. A. ORCID logoORCID: https://orcid.org/0000-0002-6866-0684, De Arroyabe, Ignacio Fernandez and Fernandez de Arroyabe, Juan Carlos ORCID logoORCID: https://orcid.org/0000-0003-1451-3782 (2024) Navigating cybersecurity: environment’s impact on standards adoption and board involvement. Journal of Computer Information Systems. ISSN 0887-4417 (Print), 2380-2057 (Online) (doi:10.1080/08874417.2024.2394440)

[thumbnail of Open Access Article]
Preview
PDF (Open Access Article)
47832 ARRANZ_Navigating_Cybersecurity_(OA)_2024.pdf - Published Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.

Download (2MB) | Preview

Abstract

This study investigates cybersecurity governance dynamics within organizations, investigating the influence of supply chains, environmental factors, and stakeholder engagement. Utilizing the UK’s Cyber Security Longitudinal Survey and employing artificial neural networks and k-means cluster analysis, we explore how organizational practices and external pressures shape cybersecurity strategies. Our findings show the managerial and political dimensions of improving organizational cybersecurity, highlighting the critical role of environmental influences alongside incident perception and self-efficacy. The research shows the necessity for organizations to remain receptive to external influences and identifies supply chains as critical factor in shaping cybersecurity practices, advocating for comprehensive security protocols. We demonstrate that guidance from governing bodies is essential for aligning with industry standards. The findings suggest a range of strategies, from implementing standards to encouraging board-level integration of cybersecurity, facilitated by a combination of coercive, normative, and mimetic pressures exerted by various agents, including governments, stakeholders, and the supply chain.

Item Type: Article
Uncontrolled Keywords: cybersecurity, small and medium enterprises, smes, cybersecurity standards, board involvement, institutional theory, stakeholder theory, artificial neural networks, k-means clustering, supply chain, environmental influences, iso 27001, cyber essentials, national cyber security centre, cybersecurity governance, cybersecurity implementation, organizational behaviour, cyber threats, digital transformation, information security, cyber risk management, cybersecurity policy, cybersecurity resilience, cybersecurity awareness, business environment, regulatory compliance, cybersecurity strategy, organizational cybersecurity, uk
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group: Greenwich Business School
Greenwich Business School > Networks and Urban Systems Centre (NUSC)
Greenwich Business School > Networks and Urban Systems Centre (NUSC) > Connected Cities Research Group (CCRG)
Greenwich Business School > School of Business, Operations and Strategy
Last Modified: 29 Aug 2024 13:27
URI: http://gala.gre.ac.uk/id/eprint/47832

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics