Location
Online
Event Website
https://hicss.hawaii.edu/
Start Date
3-1-2023 12:00 AM
End Date
7-1-2023 12:00 AM
Description
With the growing digitalization of businesses, digital security governance (DSG) is becoming central to organizational survival strategies. However, many organizations fail to establish successful DSG practices and, consequently, fail to understand how DSG can lower the severity of cybersecurity failures. This paper aims to contribute to filling this gap. Placing the five principles of the High Reliability Organization (HRO) at the center of our qualitative research design, we interview forty-two chief information security officers (CISOs) and chief information officers (CIOs) of large organizations in the Netherlands about their views on why organizations fail to successfully achieve DSG. Our data show that HRO principles are partly relevant but lacking in DSG approaches, which potentially increases security failure. We conclude this paper by discussing these findings in light of future research and practice.
Recommended Citation
Schinagl, Stef; Shahim, Abbas; Khapova, Svetlana; and Van Den Hooff, Bart, "Digital Security Governance: What Can We Learn from High Reliability Organizations (HROs)?" (2023). Hawaii International Conference on System Sciences 2023 (HICSS-56). 8.
https://aisel.aisnet.org/hicss-56/os/it_governance/8
Digital Security Governance: What Can We Learn from High Reliability Organizations (HROs)?