Paper Type
Short
Paper Number
PACIS2026-1680
Description
An overlooked aspect of cybersecurity regulation is how supervisory partnerships between regulators and regulated entities can enable cybersecurity uplift. While research confirms that mandated regulation improves security performance and is critical, this approach can also foster a checkbox mentality and does not necessarily result in enhanced security outcomes. Drawing on stakeholder theory, ethics of care, and information security governance, this study proposes a conceptual process model for supervisory partnerships that emphasises shared responsibility, transparency, and accountability. The model maps specific activities across diverse stakeholders, from policymakers to service recipients, establishing balanced partnerships beyond traditional top-down approaches. The model reconceptualises cybersecurity supervision as regulator-driven yet collaborative, fostering shared responsibility and incorporating typically overlooked participants. This research offers both theoretical contribution through novel theoretical integration and practical value by responding to systemic regulatory challenges with national security implications. Future work will empirically validate this model through comparative case studies.
Recommended Citation
Al Bedewi, Raif; Ahmad, Atif; and Maynard, Sean B., "Enabling Cybersecurity Uplift Through Supervisory Partnerships" (2026). PACIS 2026 Proceedings. 8.
https://aisel.aisnet.org/pacis2026/dig_sec/dig_sec/8
Enabling Cybersecurity Uplift Through Supervisory Partnerships
An overlooked aspect of cybersecurity regulation is how supervisory partnerships between regulators and regulated entities can enable cybersecurity uplift. While research confirms that mandated regulation improves security performance and is critical, this approach can also foster a checkbox mentality and does not necessarily result in enhanced security outcomes. Drawing on stakeholder theory, ethics of care, and information security governance, this study proposes a conceptual process model for supervisory partnerships that emphasises shared responsibility, transparency, and accountability. The model maps specific activities across diverse stakeholders, from policymakers to service recipients, establishing balanced partnerships beyond traditional top-down approaches. The model reconceptualises cybersecurity supervision as regulator-driven yet collaborative, fostering shared responsibility and incorporating typically overlooked participants. This research offers both theoretical contribution through novel theoretical integration and practical value by responding to systemic regulatory challenges with national security implications. Future work will empirically validate this model through comparative case studies.
Comments
08-Security