No Cover Image

Journal article 226 views 62 downloads

Executive decision-makers: a scenario-based approach to assessing organizational cyber-risk perception

Simon Parkin Orcid Logo, Kristen Kuhn, Siraj Shaikh Orcid Logo

Journal of Cybersecurity, Volume: 9, Issue: 1

Swansea University Author: Siraj Shaikh Orcid Logo

  • 63958VR.pdf

    PDF | Version of Record

    This is an Open Access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/), which permits unrestricted reuse, distribution, and reproduction in any medium, provided the original work is properly cited.

    Download (1018.91KB)

Check full text

DOI (Published version): 10.1093/cybsec/tyad018

Abstract

The executive leadership in corporate organizations is increasingly challenged with managing cyber-risks, as an important part of wider business risk management. Cyber-risks are complex, with the threat landscape evolving, including digital infrastructure issues such as trust in networked supply cha...

Full description

Published in: Journal of Cybersecurity
ISSN: 2057-2085 2057-2093
Published: Oxford University Press (OUP) 2023
Online Access: Check full text

URI: https://cronfa.swan.ac.uk/Record/cronfa63958
Tags: Add Tag
No Tags, Be the first to tag this record!
Abstract: The executive leadership in corporate organizations is increasingly challenged with managing cyber-risks, as an important part of wider business risk management. Cyber-risks are complex, with the threat landscape evolving, including digital infrastructure issues such as trust in networked supply chains, and emerging technologies. Moreover, engaging organizational leadership to assess for risk management is also difficult. This paper reports on a scenario-driven, workshop-based study undertaken with executive leadership to assess for cybersecurity and cyber-risk perception related to preparation for, and response to, potential incidents. The study involves leadership members at a large public–private organization. Our approach utilizes scenarios, which are structured in their design to explore and analyse aspects of business risk, risk ownership, technological complexity, and uncertainty faced by an organizational leadership. The method offers a means to engage with leadership at real-world organizations, capturing capacity and insights to manage business risks due to cyberattacks.
Keywords: Security management, decision making, business continuity, risk analysis
College: Faculty of Science and Engineering
Issue: 1