Cyber-Resiliency for Digital Enterprises: A Strategic Leadership Perspective

Abstract

As organizations increasingly view information as one of their most valuable assets, which supports the creation and distribution of their products and services, information security will be an integral part of the design and operation of organizational business processes. Yet, risks associated with cyber-attacks are on the rise. Organizations that are subjected to attacks can suffer significant reputational damage as well as loss of information and knowledge. As a consequence, effective leadership is cited as a critical factor for ensuring corporate level attention for information security. However, there is a lack of empirical understanding as to the roles strategic leaders play in shaping and supporting the cyber-security strategy. This article seeks to address this gap in the literature by focusing on how senior leaders support the cyber-security strategy. The authors conducted a series of exploratory interviews with leaders in the positions of Chief Information Officer, Chief Security Information Officer, and Chief Technology Officer. The findings revealed that leaders are engaged in both transitional, where the focus is on improving governance and integration and transformational support, which involves fostering a new cultural mindset for cyber-resiliency and the development of an ecosystem approach to security thinking.