Abstract

This TREO paper posits that organizations must heavily support robust cybersecurity measures to ensure continuous business operations while adapting to the evolving cyber threat landscape to become cyber resilient. This makes the journey towards a cyber-resilient organization a complex and ongoing challenge. In this research, we draw on the classic view of resilience to propose an initial concept of cyber resilience involving two complex and sometimes conflicting views: resilience as reliability and resilience as adaptability. We further posit that CIOs are permanently presented with the innovator’s dilemma when implementing a cyber resilience framework for their organization, as they need to make constant decisions between “exploiting” their current infrastructure to maximize its ROI or “exploring” solutions for new cyber threats. We propose that organizations need to develop cyber resilience ambidexterity as a dynamic capability and that CIOs embrace this inconsistent and paradoxical duality of cyber resilience according to their managerial style.

Paper Number

tpp1400

Share

COinS
 

When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.