Start Date

16-8-2018 12:00 AM

Description

Information technology projects can be divided into three meta-phases – project conception, project execution, and project deliverable use. Each of these meta-phases has associated cybersecurity risks and the potential for being impacted by these risks. This paper performs an analysis of four recent major, publicized project-related cybersecurity incidents and found evidence of cybersecurity risk across project meta-phases. By identifying where cybersecurity risks became vulnerabilities and where vulnerabilities became realized as actual events and outcomes, this research effort suggests that project risk management efforts should begin prior to the project start and consider cybersecurity risks that may affect stakeholders long after the project concludes. This paper hopes to contribute to both research and practice by focusing more attention on how early project cybersecurity affects long-term cybersecurity outcomes.

Share

COinS
 
Aug 16th, 12:00 AM

Cybersecurity Threats in the Context of Project Meta-Phases

Information technology projects can be divided into three meta-phases – project conception, project execution, and project deliverable use. Each of these meta-phases has associated cybersecurity risks and the potential for being impacted by these risks. This paper performs an analysis of four recent major, publicized project-related cybersecurity incidents and found evidence of cybersecurity risk across project meta-phases. By identifying where cybersecurity risks became vulnerabilities and where vulnerabilities became realized as actual events and outcomes, this research effort suggests that project risk management efforts should begin prior to the project start and consider cybersecurity risks that may affect stakeholders long after the project concludes. This paper hopes to contribute to both research and practice by focusing more attention on how early project cybersecurity affects long-term cybersecurity outcomes.