Search results

1 – 3 of 3
Per page
102050
Citations:
Loading...
Access Restricted. View access options
Article
Publication date: 13 December 2021

Alexeis Garcia-Perez, Mark Paul Sallos and Pattanapong Tiwasing

This research addresses the relationships between the current, dynamic organisational cyber risk climate, organisational cybersecurity performance and changes in cybersecurity…

1327

Abstract

Purpose

This research addresses the relationships between the current, dynamic organisational cyber risk climate, organisational cybersecurity performance and changes in cybersecurity investments, with an aim to address the hostile epistemic climate for intellectual capital management presented by the dynamics of cybersecurity as a phenomenon.

Design/methodology/approach

Expanding on the views of digital security and resilience as a knowledge problem, the research looks at cybersecurity as a critical capability within organisations, particularly relevant in critical infrastructure sectors. The problem is studied from the perspective of 400 C-level executives from critical infrastructure sectors across the UK. Data collected at the peak of the coronavirus disease 2019 (COVID-19) pandemic, a time when critical infrastructure organisations have been under a significant strain due to an increase in cybersecurity incidents, were analysed using partial least square structural equation modelling.

Findings

The research found a significant correlation between the board's perception of a change in their cybersecurity risk climate and patterns of both the development of cybersecurity management capabilities and cybersecurity investments. The authors also found that a positive correlation exists between the efforts placed by critical infrastructure organisations in cybersecurity training and the changes in investment in their cybersecurity, particularly in relation to their intellectual capital development efforts.

Originality/value

To the best of the authors’ knowledge, this is the first paper that explores the board's perception of cybersecurity in critical infrastructure organisations both from the intellectual capital perspective and in the dynamic cyber risk climate derived from the COVID-19 crisis. The authors’ findings expand on the growing perception of cybersecurity as a knowledge problem, and thus inform future research and practice in the domain of intellectual capital management and its role in supporting the cybersecurity and digital resilience of business and society.

Details

Journal of Intellectual Capital, vol. 24 no. 2
Type: Research Article
ISSN: 1469-1930

Keywords

Access Restricted. View access options
Article
Publication date: 5 September 2019

Mark Paul Sallos, Alexeis Garcia-Perez, Denise Bedford and Beatrice Orlando

The purpose of this paper is to frame organisational cybersecurity through a strategic lens, as a function of an interplay of pragmatism, inference, holism and adaptation. The…

2053

Abstract

Purpose

The purpose of this paper is to frame organisational cybersecurity through a strategic lens, as a function of an interplay of pragmatism, inference, holism and adaptation. The authors address the hostile epistemic climate for intellectual capital management presented by the dynamics of cybersecurity as a phenomenon. The drivers of this hostility are identified and their implications for research and practice are discussed.

Design/methodology/approach

The philosophical foundations of cybersecurity in its relation with strategy, knowledge and intellectual capital are explored through a review of the literature as a mechanism to contribute to the emerging theoretical underpinnings of the cybersecurity domain.

Findings

This conceptual paper argues that a knowledge-based perspective can serve as the necessary platform for a phenomenon-based view of organisational cybersecurity, given its multi-disciplinary nature.

Research limitations/implications

By recognising the knowledge-related vectors, mechanisms and tendencies at play, a novel perspective on the topic can be developed: cybersecurity as a “knowledge problem”. In order to facilitate such a perspective, the paper proposes an emergent epistemology, rooted in systems thinking and pragmatism.

Practical implications

In practice, the knowledge-problem narrative can underpin the development of new organisational support constructs and systems. These can address the distinctiveness of the strategic challenges that cybersecurity poses for the growing operational reliance on intellectual capital.

Originality/value

The research narrative presents a novel knowledge-based analysis of organisational cybersecurity, with significant implications for both interdisciplinary research in the field, and practice.

Details

Journal of Intellectual Capital, vol. 20 no. 4
Type: Research Article
ISSN: 1469-1930

Keywords

Access Restricted. View access options
Article
Publication date: 9 October 2024

Mark-Paul Sallos, Alexeis Garcia Perez and Anca Bocanet

The drive for digitalisation has increased the scope of cyber threats which can exploit the growing footprint of information and communication technology infrastructure supporting…

68

Abstract

Purpose

The drive for digitalisation has increased the scope of cyber threats which can exploit the growing footprint of information and communication technology infrastructure supporting modern societies. Despite substantial interest and efforts in researching and building organisational cyber resilience, the resulting body of work is heterogeneous and has yet to reach maturity. This paper aims to address the gap in the conceptualisation of cyber resilience in academic and practice-oriented grey literature.

Design/methodology/approach

In this conceptual paper, we firstly seek to explore the available foundations of resilience as a construct and consider how these can be applied to organisational cybersecurity. To that aim, this study employs a targeted literature review approach, incorporating systematic elements to ensure rigour. Literature was identified through comprehensive searches in key academic databases, reference chaining and expert recommendations. Articles were selected based on relevance and contribution to the field, resulting in a thematic analysis to identify gaps and propose a heuristic model for cyber resilience. With this approach, we aim to position the emerging view of cyber resilience relative to risk analysis, while highlighting its domain of “conceptual comparative advantage” – the types of applications it is best suited to address. Finally, a high-level heuristic model for cyber resilience is proposed, which functions across the relevant policy, strategy and operational dimensions while also considering its relationship with cyber risk management.

Findings

A conceptual model for organisational cyber resilience is proposed which helps position and frame research contributions in this domain relative to risk analysis, highlighting its domain of comparative advantage. The model integrates policy, strategy and operational dimensions, in a manner conducive to bridging foundations and applications of the concept of cyber risk management. The proposed model provides a critical point of reference to evaluate individual models, frameworks and tools.

Originality/value

This paper is a pioneering effort to overcome the current gaps between conceptual and practical views of cyber resilience. It proposes a new, risk-aligned view of the concept of cyber resilience and provides a structural foundation for further research and practice in the field.

Details

Journal of Enterprise Information Management, vol. 37 no. 6
Type: Research Article
ISSN: 1741-0398

Keywords

1 – 3 of 3
Per page
102050