scholarly journals An Empirical Examination of the Effects of CTO Leadership on the Alignment of the Governance of Big Data and Information Security Risk Management Effectiveness

10.28945/4799 ◽  
2021 ◽  
Vol 18 ◽  
pp. 041-061
Author(s):  
Shannon Block ◽  
Steven Munkeby ◽  
Samuel Sambasivam
Keyword(s):  
United States ◽  
Big Data ◽  
Information Security ◽  
Regression Model ◽  
Leadership Styles ◽  
Future Research ◽  
Security Risk ◽  
Information Security Risk ◽  
Security Risk Management ◽  
The Relationship

Aim/Purpose: Board of Directors seek to use their big data as a competitive advantage. Still, scholars note the complexities of corporate governance in practice related to information security risk management (ISRM) effectiveness. Background: While the interest in ISRM and its relationship to organizational success has grown, the scholarly literature is unclear about the effects of Chief Technology Officers (CTOs) leadership styles, the alignment of the governance of big data, and ISRM effectiveness in organizations in the West-ern United States. Methodology: The research method selected for this study was a quantitative, correlational research design. Data from 139 participant survey responses from Chief Technology Officers (CTOs) in the Western United States were analyzed using 3 regression models to test for mediation following Baron and Kenny’s methodology. Contribution: Previous scholarship has established the importance of leadership styles, big data governance, and ISRM effectiveness, but not in a combined understanding of the relationship between all three variables. The researchers’ primary objective was to contribute valuable knowledge to the practical field of computer science by empirically validating the relationships between the CTOs leadership styles, the alignment of the governance of big data, and ISRM effectiveness. Findings: The results of the first regression model between CTOs leadership styles and ISRM effectiveness were statistically significant. The second regression model results between CTOs leadership styles and the alignment of the governance of big data were not statistically significant. The results of the third regression model between CTOs leadership styles, the alignment of the governance of big data, and ISRM effectiveness were statistically significant. The alignment of the governance of big data was a significant predictor in the model. At the same time, the predictive strength of all 3 CTOs leadership styles was diminished between the first regression model and the third regression model. The regression models indicated that the alignment of the governance of big data was a partial mediator of the relationship between CTOs leadership styles and ISRM effectiveness. Recommendations for Practitioners: With big data growing at an exponential rate, this research may be useful in helping other practitioners think about how to test mediation with other interconnected variables related to the alignment of the governance of big data. Overall, the alignment of governance of big data being a partial mediator of the relationship between CTOs leadership styles and ISRM effectiveness suggests the significant role that the alignment of the governance of big data plays within an organization. Recommendations for Researchers: While this exact study has not been previously conducted with these three variables with CTOs in the Western United States, overall, these results are in agreement with the literature that information security governance does not significantly mediate the relationship between IT leadership styles and ISRM. However, some of the overall findings did vary from the literature, including the predictive relationship between transactional leadership and ISRM effectiveness. With the finding of partial mediation indicated in this study, this also suggests that the alignment of the governance of big data provides a partial intervention between CTOs leadership styles and ISRM effectiveness. Impact on Society: Big data breaches are increasing year after year, exposing sensitive information that can lead to harm to citizens. This study supports the broader scholarly consensus that to achieve ISRM effectiveness, better alignment of governance policies is essential. This research highlights the importance of higher-level governance as it relates to ISRM effectiveness, implying that ineffective governance could negatively impact both leadership and ISRM effectiveness, which could potentially cause reputational harm. Future Research: This study raised questions about CTO leadership styles, the specific governance structures involved related to the alignment of big data and ISRM effectiveness. While the research around these variables independently is mature, there is an overall lack of mediation studies as it relates to the impact of the alignment of the governance of big data. With the lack of alignment around a universal framework, evolving frameworks could be tested in future research to see if similar results are obtained.

scholarly journals An Empirical Examination of the Effects of CTO Leadership on the Alignment of the Governance of Big Data and Information Security Risk Management Effectiveness

10.28945/4763 ◽  
2021 ◽  
Author(s):  
Shannon Block ◽  
Steven Munkeby ◽  
Samuel Sambasivam
Keyword(s):  
United States ◽  
Big Data ◽  
Information Security ◽  
Regression Model ◽  
Leadership Styles ◽  
Future Research ◽  
Security Risk ◽  
Information Security Risk ◽  
Security Risk Management ◽  
The Relationship

NOTE: This Proceedings paper was revised and published in the journal Issues in Informing Science and Information Technology, 16, 41-61. At the bottom of this page, click DOWNLOAD PDF to download the published paper. Aim/Purpose: Board of Directors seek to use their big data as a competitive advantage. Still, scholars note the complexities of corporate governance in practice related to information security risk management (ISRM) effectiveness. Background: While the interest in ISRM and its relationship to organizational success has grown, the scholarly literature is unclear about the effects of Chief Technology Officers (CTOs) leadership styles, the alignment of the governance of big data, and ISRM effectiveness in organizations in the West-ern United States. Methodology: The research method selected for this study was a quantitative, correlational research design. Data from 139 participant survey responses from Chief Technology Officers (CTOs) in the Western United States were analyzed using 3 regression models to test for mediation following Baron and Kenny’s methodology. Contribution: Previous scholarship has established the importance of leadership styles, big data governance, and ISRM effectiveness, but not in a combined understanding of the relationship between all three variables. The researchers’ primary objective was to contribute valuable knowledge to the practical field of computer science by empirically validating the relationships between the CTOs leadership styles, the alignment of the governance of big data, and ISRM effectiveness. Findings: The results of the first regression model between CTOs leadership styles and ISRM effectiveness were statistically significant. The second regression model results between CTOs leadership styles and the alignment of the governance of big data were not statistically significant. The results of the third regression model between CTOs leadership styles, the alignment of the governance of big data, and ISRM effectiveness were statistically significant. The alignment of the governance of big data was a significant predictor in the model. At the same time, the predictive strength of all 3 CTOs leadership styles was diminished between the first regression model and the third regression model. The regression models indicated that the alignment of the governance of big data was a partial mediator of the relationship between CTOs leadership styles and ISRM effectiveness. Recommendations for Practitioners: With big data growing at an exponential rate, this research may be useful in helping other practitioners think about how to test mediation with other interconnected variables related to the alignment of the governance of big data. Overall, the alignment of governance of big data being a partial mediator of the relationship between CTOs leadership styles and ISRM effectiveness suggests the significant role that the alignment of the governance of big data plays within an organization. Recommendations for Researchers: While this exact study has not been previously conducted with these three variables with CTOs in the Western United States, overall, these results are in agreement with the literature that information security governance does not significantly mediate the relationship between IT leadership styles and ISRM. However, some of the overall findings did vary from the literature, including the predictive relationship between transactional leadership and ISRM effectiveness. With the finding of partial mediation indicated in this study, this also suggests that the alignment of the governance of big data provides a partial intervention between CTOs leadership styles and ISRM effectiveness. Impact on Society: Big data breaches are increasing year after year, exposing sensitive information that can lead to harm to citizens. This study supports the broader scholarly consensus that to achieve ISRM effectiveness, better alignment of governance policies is essential. This research highlights the importance of higher-level governance as it relates to ISRM effectiveness, implying that ineffective governance could negatively impact both leadership and ISRM effectiveness, which could potentially cause reputational harm. Future Research: This study raised questions about CTO leadership styles, the specific governance structures involved related to the alignment of big data and ISRM effectiveness. While the research around these variables independently is mature, there is an overall lack of mediation studies as it relates to the impact of the alignment of the governance of big data. With the lack of alignment around a universal framework, evolving frameworks could be tested in future research to see if similar results are obtained.

Relating Wiener’s cybernetics aspects and a situation awareness model implementation for information security risk management

Kybernetes ◽  
2018 ◽  
Vol 47 (1) ◽  
pp. 58-79 ◽  
Author(s):  
Kushal Anjaria ◽  
Arun Mishra
Keyword(s):  
Risk Management ◽  
Information Security ◽  
Situation Awareness ◽  
Human Beings ◽  
Security Risk ◽  
Content Type ◽  
Information Security Risk ◽  
Research Challenge ◽  
Security Risk Management ◽  
The Relationship

Purpose Situation awareness theory is a primary mean to take decisions and actions in a dynamically changing environment. Nowadays, to implement situation awareness, theories and models in organizational scenarios have become an important research challenge. The purpose of this paper is to investigate the relationship between the situation awareness theory and cybernetics. Further, the aim is to use this relationship to check the feasibility of situation awareness-based information security risk management (ISRM) implementation in the organizational scenario. Design/methodology/approach To investigate the relationship between situation awareness theory and cybernetics, Endsley’s situation awareness theory and Norbert Wiener’s cybernetics concepts and philosophy have been used in the present work. For a detailed study, concepts, techniques and philosophy of the cybernetics have been extracted from the thesis of Norbert Wiener titled “The human use of human beings” and “Cybernetics or control and communication in the animal and the machine”. Findings The present paper demonstrates that relationship can be successfully established between cybernetics and situation awareness theory. Further, this relationship can be used to solve organizational implementation issues related to situation awareness based systems. To demonstrate relationship and solutions of implementation issues, two case studies related to ISRM are also incorporated in the present case study. Originality/value The present work bridges two parallel and prominent theories of situation awareness and cybernetics. It also demonstrates that combination of both the theories can be used to feasibly implement situation awareness based systems in organizations.

scholarly journals EVALUATION OF INFORMATION SECURITY RISK MANAGEMENT USING COBIT 5 SUBDOMAIN EDM03 (ENSURE RISK OPTIMIZATION)

2018 ◽  
Vol 2 (1) ◽  
pp. 12-21
Author(s):  
Fransisca Tiarawati Riadi ◽  
Augie David Manuputty ◽  
Alhadi Saputra
Keyword(s):  
Risk Management ◽  
Information Security ◽  
Security Risk ◽  
Risk Optimization ◽  
Iso 31000 ◽  
Information Security Risk ◽  
Level 1 ◽  
Security Risk Management

Pentingnya penggunaan Teknologi Informasi (TI) tidak bisa dipisahkan dari risiko-risiko yang akan mungkin terjadi. Satuan organisasi XYZ sendiri telah menerapkan manajemen risiko keamanan informasi menggunakan standar ISO 31000:2009 untuk meminimalisir risiko-risiko tersebut. Penerapan manajemen risiko keamanan informasi dilakukan agar satuan organisasi XYZ dapat mengetahui optimasi risiko yang dikelola satuan organisasi XYZ sudah berjalan dengan baik dan memberikan dampak yang signifikan. Sehingga satuan organsasi XYZ perlu melakukan evaluasi untuk mengetahui tingkat kapabilitas dalam memastikan optimasi risiko yang telah dilaksanakan satuan organisasi terhadap layanan TI. Framework COBIT 5 digunakan untuk melakukan evaluasi manajemen risiko keamanan informasi dengan melakukan pengukuran tingkat kapabilitas yang memfokuskan pada subdomain EDM03 (Ensure Risk Optimisation). Hasil penelitian ini pada subdomain EDM03 memiliki tingkat kapabilitas pada level 1 performed process kategori largely achieved dengan nilai 78,29%. Pada level ini proses yang diimplementasikan organisasi mencapai tujuan prosesnya. Manfaat penelitian ini bagi satuan organisasi XYZ dapat membantu manajemen risiko keamanan informasi dan pengimplementasi framework ISO 31000 mencapai nilai optimal dalam mendukung layanan TIK di Lembaga ABC.

Sign in / Sign up

Export Citation Format

Share Document