Paper Type
Short
Paper Number
PACIS2026-1551
Description
Cyber threats are intensifying, yet existing research conceptualises both enterprise architecture (EA) and resilience as static, artefact-focused constructs, leaving cyber resilience as a distinct organisational capability underexplored. This research-in-progress paper develops a theoretical framework explaining how EA enhances cyber resilience through EA-enabled Dynamic Cybersecurity Capabilities (DCC). Drawing on synergy theory, Dynamic Capabilities Theory, and Organizational Learning Theory, the framework theorises EA-enabled DCC as a higher-order capability that emerges when EA and cybersecurity capabilities are compatible, integrated, and complementary, and that enables organisations to sense, seize, and transform in response to evolving cyber threats. Four propositions specify the synergistic interaction, the emergent capability, its effect on cyber resilience, and the learning feedback loop. The paper contributes a capability-based account of EA-enabled cyber resilience, to be empirically examined through a multiple case study of central government organisations in a developing country.
Recommended Citation
PRADIPTA, AULIA; Kurnia, Sherah; Maynard, Sean B.; Ahmad, Atif; Naseer, Humza; and Hidayanto, Achmad Nizar, "Enhancing Cyber Resilience through Enterprise Architecture–Enabled Dynamic Cybersecurity Capabilities" (2026). PACIS 2026 Proceedings. 6.
https://aisel.aisnet.org/pacis2026/dig_sec/dig_sec/6
Enhancing Cyber Resilience through Enterprise Architecture–Enabled Dynamic Cybersecurity Capabilities
Cyber threats are intensifying, yet existing research conceptualises both enterprise architecture (EA) and resilience as static, artefact-focused constructs, leaving cyber resilience as a distinct organisational capability underexplored. This research-in-progress paper develops a theoretical framework explaining how EA enhances cyber resilience through EA-enabled Dynamic Cybersecurity Capabilities (DCC). Drawing on synergy theory, Dynamic Capabilities Theory, and Organizational Learning Theory, the framework theorises EA-enabled DCC as a higher-order capability that emerges when EA and cybersecurity capabilities are compatible, integrated, and complementary, and that enables organisations to sense, seize, and transform in response to evolving cyber threats. Four propositions specify the synergistic interaction, the emergent capability, its effect on cyber resilience, and the learning feedback loop. The paper contributes a capability-based account of EA-enabled cyber resilience, to be empirically examined through a multiple case study of central government organisations in a developing country.
Comments
08-Security