21 research outputs found
Board Level Balanced Scorecard for Cyber Resilience
Boards of Directors (BODs) have a unique role in managing cybersecurity: they provide oversight to operational and strategic decisions while executing a fiduciary responsibility to manage cyber-risk. Since organizations cannot count on 100% protection, BODs must ensure their organizations are cyber-resilient, and can recover quickly from cyber incidents. But BOD reporting mechanisms are inadequate for this role. Most of the reporting to BODs are on operational metrics around protection, not cyber-resilience and the business at risk from a cyber incident. This paper suggests a balanced scorecard for cyber resilience (BSCR) for BODs. This theory-building research was informed by surveys and focus groups of cybersecurity leaders and board members. The BSCR gives business context-based insights and metrics on the biggest risks to cybersecurity resilience faced by their organization, and the investments their operational managers have made to mitigate the impact of these risks. Armed with the BSCR, BODs have the information they need for meaningful discussions and evaluation of their organizationâs cyber-resiliency
Panel 7 Paradoxes in Alternative Work Arrangements
This panel will present and debate various paradoxes surrounding the implementation of Alternative Work Arrangements (AWA). AWA includes such topics as telecommuting, remote work, telecenters, and other conceptions of the virtual office. This is an especially relevant topic to the ICIS theme, Networking and Electronic Communities, because the nature of alternative work arrangements requires organizations to rethink the fundamental ways individuals in their communities work, both alone and in groups. The AWA perspective assumes that technologies will not eliminate jobs, but will facilitate the transformation of traditional work arrangements by allowing flexibility in âwhenâ and âwhereâ work is done. The impact on the nature of work, workers, work groups, businesses and home life are all relevant to a debate about AWA
What Technical and Professional Skills are Needed for Cybersecurity Roles?
The Cybersecurity Skills Survey was designed to respond to the high-demand for cybersecurity professionals, noted by the findings of SIM (Society for Information Management) IT Trends and Issues Study (2017, 2018, 2019, 2020, 2021). The findings of the IT Trends and Issues Study are based upon input from over 1,000 IT leaders representing 37 SIM Chapters. The goals of the cybersecurity skills survey were to identify: (1) What technical skills are needed for entry-level professionals in cybersecurity jobs? (2) What professional skills are needed for entry level professionals in cybersecurity jobs? (3) What technical skills are needed for early-career professionals in cybersecurity jobs? and (4) What professional skills are needed for early-career professionals in cybersecurity jobs? The survey findings provide key insights into in-demand skills and âdifficult-to-findâ competencies. This paper reports on 99 responses captured from IT leaders representing the SIM Chapters in St. Louis, Austin, Milwaukee, and Phoenix
A virtuålis iroda és sikerességének feltételei
Ahhoz, hogy a virtuĂĄlis iroda sikeres legyen, egĂ©szen Ășjfajta megközelĂtĂ©st kell alkalmazni a dolgozĂłk kiĂ©rtĂ©kelĂ©sĂ©ben, oktatĂĄsĂĄban, szervezĂ©sĂ©ben Ă©s tĂĄjĂ©koztatĂĄsĂĄban
For What Technology Canât Fix: Building a Model of Organizational Cybersecurity Culture
Organizational cybersecurity requires more than just the latest technology. To secure an organization, all members of the organization must act to reduce risk. Leaders have a special responsibility to understand, shape and align the beliefs, values, and attitudes of the entire organization with overall security goals. Managers need practical solutions for dealing with the human side of cybersecurity. The model presented in this paper describes organizational cybersecurity culture, the factors that contribute to its creation, and how it can be measured. A case study of a âculture of data protectionâ created by leaders at financial services firm Liberty Mutual illustrates these factors to help managers understand and apply recommendations to create a more mature cyber security culture in their organization
A Culture of Cybersecurity at Banca Popolare di Sondrio
Today, cybersecurity is no longer just a technical issue to be solved by the IT department. Organizations of all sizes are constantly breached or attacked, and the best defense is both technical and organizational. Business leaders, working alongside technology leaders, need tools and frameworks for building cyber resilience using multiple layers of security. Financial institutions are at particular risk and the consequences of a cyber incident can be far-reaching and devastating. This paper describes how one bank built a culture of cybersecurity to create values, attitudes and believes that drive cybersecure behaviors. The case study illustrates how cybersecurity leaders at Italian bank, Banca Popolare di Sondrio (BPS) motivated, built and measured success of efforts to create a culture of cybersecurity
Recommended from our members
Zero TimeTM: A Conceptual Architecture for 21st Century Enterprises
Discusses Zero Time, or manipulating time as an independent variable, as critical to any enterpriseâs success in the 21st Century. Discusses five disciplines of a Zero Time organization (customer value driven, knowledgization, holonic management, zero resistance and inclusion) and how the disciplines result in instant customerization, meaning the needs of the customer are met as soon as the needs are expressed. Provides examples of near-Zero Time organizations. Applies a methodology, consisting of strategic visioning and operational excellence, for any organization to follow to evolve holistically into a Zero Time organization, allowing it to quickly and effectively adapt to rapid, continuous change.IC2 Institut