What do we know about information security governance?: "From the basement to the boardroom": towards digital security governance. (25th January 2020)
- Record Type:
- Journal Article
- Title:
- What do we know about information security governance?: "From the basement to the boardroom": towards digital security governance. (25th January 2020)
- Main Title:
- What do we know about information security governance?
- Authors:
- Schinagl, Stef
Shahim, Abbas - Abstract:
- Abstract : Purpose: This paper aims to review the information security governance (ISG) literature and emphasises the tensions that exist at the intersection of the rapidly changing business climate and the current body of knowledge on ISG. Design/methodology/approach: The intention of the authors was to conduct a systematic literature review. However, owing to limited empirical papers in ISG research, this paper is more conceptually organised. Findings: This paper shows that security has shifted from a narrow-focused isolated issue towards a strategic business issue with "from the basement to the boardroom" implications. The key takeaway is that protecting the organisation is important, but organizations must also develop strategies to ensure resilient businesses to take advantage of the opportunities that digitalization can bring. Research limitations/implications: The concept of DSG is a new research territory that addresses the limitations and gaps of traditional ISG approaches in a digital context. To this extent, organisational theories are suggested to help build knowledge that offers a deeper understanding than that provided by the too often used practical approaches in ISG research. Practical implications: This paper supports practitioners and decision makers by providing a deeper understanding of how organisations and their security approaches are actually affected by digitalisation. Social implications: This paper helps individuals to understand that they haveAbstract : Purpose: This paper aims to review the information security governance (ISG) literature and emphasises the tensions that exist at the intersection of the rapidly changing business climate and the current body of knowledge on ISG. Design/methodology/approach: The intention of the authors was to conduct a systematic literature review. However, owing to limited empirical papers in ISG research, this paper is more conceptually organised. Findings: This paper shows that security has shifted from a narrow-focused isolated issue towards a strategic business issue with "from the basement to the boardroom" implications. The key takeaway is that protecting the organisation is important, but organizations must also develop strategies to ensure resilient businesses to take advantage of the opportunities that digitalization can bring. Research limitations/implications: The concept of DSG is a new research territory that addresses the limitations and gaps of traditional ISG approaches in a digital context. To this extent, organisational theories are suggested to help build knowledge that offers a deeper understanding than that provided by the too often used practical approaches in ISG research. Practical implications: This paper supports practitioners and decision makers by providing a deeper understanding of how organisations and their security approaches are actually affected by digitalisation. Social implications: This paper helps individuals to understand that they have increasing rights with regard to privacy and security and a say in what parties they assign business to. Originality/value: This paper makes a novel contribution to ISG research. To the authors' knowledge, this is the first attempt to review and structure the ISG literature. … (more)
- Is Part Of:
- Information and computer security. Volume 28:Number 2(2020)
- Journal:
- Information and computer security
- Issue:
- Volume 28:Number 2(2020)
- Issue Display:
- Volume 28, Issue 2 (2020)
- Year:
- 2020
- Volume:
- 28
- Issue:
- 2
- Issue Sort Value:
- 2020-0028-0002-0000
- Page Start:
- 261
- Page End:
- 292
- Publication Date:
- 2020-01-25
- Subjects:
- Technology -- Information security governance -- Literature review -- Digitalisation -- Cyber -- Digital security governance
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-02-2019-0033 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 13110.xml