A framework for enterprise cybersecurity risk management

Published in Advances in Cybersecurity Management (Publisher: Springer International Publishing). Authors: Samir Jarjoui, Renita Murimi, 2021

Many organizations continue to struggle with the implementation of cybersecurity risk assessment and management programs. Navigating the evolving cybersecurity landscape and trends in technology commercialization requires an understanding of the relational organizational context within which cybersecurity risks are rooted. While several existing cybersecurity risk management frameworks discuss the importance of identifying a context for cyber risks, they do not provide much guidance on “how” that should be done. Leaning on systems theory, this chapter advances the notion that a business and IT alignment approach can be leveraged to inform and drive subsequent cybersecurity risk management and assessment efforts. We outline a holistic roadmap through the incorporation of multiple interconnected dimensions as the underpinning of cybersecurity risk identification and mitigation. We introduce a novel framework that identifies practical organizational drivers and priorities to improve cyber resiliency within the organizational perspective.
