A framework for managing cybersecurity effectiveness in the digital context

M. Carcary, E. Doherty, G. Conway

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Citations (Scopus)

Abstract

The pace of digital transformation and new technology development and the growing sophistication of cyber criminals result in organisations facing greater scope and severity of cybersecurity attacks on a daily basis-estimated to cost between $375 and $575 billion per annum. It is anticipated that as more devices, systems, and infrastructure become interconnected and interdependent, and as more interfaces between customers, suppliers, and partners are leveraged, the IT ‘attack surface’ will continue to expand. Organisations vary in their approaches to attempting to prevent cybersecurity breaches: some are overly restrictive, making even routine business activities difficult, while others are too relaxed with poor oversight and inadequate protocols and procedures, creating unnecessary exposures. However, applying appropriate cybersecurity controls is now a particular necessity where digital leaders often have a higher tolerance and appetite for risk-taking and experimentation to identify key opportunities for the future. Organisations now need to rethink their cybersecurity management approaches, and recognise that traditional access control and perimeter defences alone are no longer sufficient. Rather holistic and proactive approaches that continually evolve and adapt to counter emerging threats and minimise the potential negative consequences of exposure are required. Understanding how effective the organisation is in its cybersecurity efforts is a prerequisite for ensuring controls remain abreast with, and appropriate for, the changing IT threat landscape. This paper presents a cybersecurity conceptual framework that can be used by organisations to provide a holistic analysis of their cybersecurity approaches. It details the key factors or management themes underpinning cybersecurity effectiveness and how the insights gained through assessing performance against these factors or management themes can be practically used to improve cybersecurity effectiveness. © 2019, Curran Associates Inc. All rights reserved.
Original languageEnglish
Title of host publicationEuropean Conference on Information Warfare and Security, ECCWS
Subtitle of host publication18th European Conference on Cyber Warfare and Security, ECCWS 2019
Place of PublicationCoimbra
Pages78-86
Number of pages9
Volume2019
EditionJuly
Publication statusPublished (in print/issue) - 2019
Event18th European Conference on Cyber Warfare and Security - Coimbra
Duration: 4 Jul 20195 Jul 2019

Conference

Conference18th European Conference on Cyber Warfare and Security
Period4/07/195/07/19

Keywords

  • Cybersecurity assessment
  • Cybersecurity barriers
  • Cybersecurity drivers
  • Cybersecurity management
  • Threats

Fingerprint

Dive into the research topics of 'A framework for managing cybersecurity effectiveness in the digital context'. Together they form a unique fingerprint.

Cite this