Being Responsible in Cybersecurity:A multi-layered perspective

Abstract

The paper posits that in the increasingly connected digital landscape, there is a growing need to examine the scale and scope of responsible cybersecurity. In an exploratory study that involved qualitative interviews with senior cybersecurity professionals, we identify different layers of responsible cybersecurity that span across techno-centric, human-centric, organizational (intra and inter) and societal perspectives. We present these in an onion-shaped framework and show that collectively these diverse perspectives highlight the linked responsibilities of different stakeholders both within and beyond the organization. The study also finds that senior leadership plays a crucial role in fostering responsible cybersecurity across the different layers. Implications for research and practice are discussed