Abstract
Today’s organizations are exposed to high risk because the established
digital technologies are vulnerable to security attacks. The increased impact of
security on business demands a strategic approach to information security, commonly referred to as digital security governance. While there is a growing understanding that digital security is one of the leading risks and challenges of today’s organizations, organizations still find it difficult to implement security governance as part of their regular organizing change activities. This study focuses on providing more empirical insight into “tensions that are present during the implementation of digital security governance”.
We conducted an inductive study and interviewed 42 CISOs and CIOs of
large organizations in the Netherlands. The study reveals the tensions that hinder the implementation of digital security governance. We draw from management theories to provide a fresh understanding of and guidance for how to unravel the tensions.
digital technologies are vulnerable to security attacks. The increased impact of
security on business demands a strategic approach to information security, commonly referred to as digital security governance. While there is a growing understanding that digital security is one of the leading risks and challenges of today’s organizations, organizations still find it difficult to implement security governance as part of their regular organizing change activities. This study focuses on providing more empirical insight into “tensions that are present during the implementation of digital security governance”.
We conducted an inductive study and interviewed 42 CISOs and CIOs of
large organizations in the Netherlands. The study reveals the tensions that hinder the implementation of digital security governance. We draw from management theories to provide a fresh understanding of and guidance for how to unravel the tensions.
Original language | English |
---|---|
Title of host publication | ICT Systems Security and Privacy Protection |
Subtitle of host publication | 36th IFIP TC 11 International Conference, SEC 2021, Oslo, Norway, June 22–24, 2021, Proceedings |
Editors | Audun Jøsang, Lynn Futcher, Janne Hagen |
Publisher | Springer Science and Business Media Deutschland GmbH |
Pages | 430-445 |
Number of pages | 16 |
ISBN (Electronic) | 9783030781200 |
ISBN (Print) | 9783030781194, 9783030781224 |
DOIs | |
Publication status | Published - 2021 |
Event | 36th IFIP International Conference on ICT Systems Security and Privacy Protection, SEC 2021 - Virtual, Online Duration: 22 Jun 2021 → 24 Jun 2021 |
Publication series
Name | IFIP Advances in Information and Communication Technology |
---|---|
Volume | 625 |
ISSN (Print) | 1868-4238 |
ISSN (Electronic) | 1868-422X |
Conference
Conference | 36th IFIP International Conference on ICT Systems Security and Privacy Protection, SEC 2021 |
---|---|
City | Virtual, Online |
Period | 22/06/21 → 24/06/21 |