Navigating cybersecurity: environment’s impact on standards adoption and board involvement
Arroyabe, Marta F. ORCID: https://orcid.org/0000-0003-3223-0268, Arranz, Carlos F. A. ORCID: https://orcid.org/0000-0002-6866-0684, De Arroyabe, Ignacio Fernandez and Fernandez de Arroyabe, Juan Carlos ORCID: https://orcid.org/0000-0003-1451-3782 (2024) Navigating cybersecurity: environment’s impact on standards adoption and board involvement. Journal of Computer Information Systems. ISSN 0887-4417 (Print), 2380-2057 (Online) (doi:10.1080/08874417.2024.2394440)
Preview |
PDF (Open Access Article)
47832 ARRANZ_Navigating_Cybersecurity_(OA)_2024.pdf - Published Version Available under License Creative Commons Attribution Non-commercial No Derivatives. Download (2MB) | Preview |
Abstract
This study investigates cybersecurity governance dynamics within organizations, investigating the influence of supply chains, environmental factors, and stakeholder engagement. Utilizing the UK’s Cyber Security Longitudinal Survey and employing artificial neural networks and k-means cluster analysis, we explore how organizational practices and external pressures shape cybersecurity strategies. Our findings show the managerial and political dimensions of improving organizational cybersecurity, highlighting the critical role of environmental influences alongside incident perception and self-efficacy. The research shows the necessity for organizations to remain receptive to external influences and identifies supply chains as critical factor in shaping cybersecurity practices, advocating for comprehensive security protocols. We demonstrate that guidance from governing bodies is essential for aligning with industry standards. The findings suggest a range of strategies, from implementing standards to encouraging board-level integration of cybersecurity, facilitated by a combination of coercive, normative, and mimetic pressures exerted by various agents, including governments, stakeholders, and the supply chain.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | cybersecurity, small and medium enterprises, smes, cybersecurity standards, board involvement, institutional theory, stakeholder theory, artificial neural networks, k-means clustering, supply chain, environmental influences, iso 27001, cyber essentials, national cyber security centre, cybersecurity governance, cybersecurity implementation, organizational behaviour, cyber threats, digital transformation, information security, cyber risk management, cybersecurity policy, cybersecurity resilience, cybersecurity awareness, business environment, regulatory compliance, cybersecurity strategy, organizational cybersecurity, uk |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
Faculty / School / Research Centre / Research Group: | Greenwich Business School Greenwich Business School > Networks and Urban Systems Centre (NUSC) Greenwich Business School > Networks and Urban Systems Centre (NUSC) > Connected Cities Research Group (CCRG) Greenwich Business School > School of Business, Operations and Strategy |
Last Modified: | 29 Aug 2024 13:27 |
URI: | http://gala.gre.ac.uk/id/eprint/47832 |
Actions (login required)
View Item |
Downloads
Downloads per month over past year