Tensions that Hinder the Implementation of Digital Security Governance

Abstract: General rightsCopyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights.• Users may download and print one copy of any publication from the public portal for the purpose of private study or research. • You may not further distribute the material or use it for any profit-making activity or commer… Show more

“…DSG should be implemented as an institutionwide effort that supports digital business strategies and business innovation and manages security risks (Tan et al, 2017;Spremić & Šimunic, 2018;AlGhamdi et al, 2020). This approach of embedding security throughout the organization is considered crucial for establishing and maintaining a firm grip on security in contemporary organizations (Maynard et al, 2018;Schinagl et al, 2021). How do organizations implement digital security governance, and how can organizations govern digital security effectively?…”

“…Organizations therefore increasingly recognize the importance of fundamentally shifting their security approaches "from the basement to the boardroom", that is, from a narrowly focused, isolated IT technical issue toward a strategic, embedded and institutionally comprehensive business issue (McFadzean et al 2007;Kayworth & Whitten 2012;Kolkowska et al 2017;Nicho 2018;Manjezi & Botha 2019;AlGhamdi et al 2020;Schinagl & Shahim 2020;Dhillon et al 2021). In the literature, this strategic consideration of organizing for security throughout the organization and in the digital context refers to the concept of digital security governance (DSG) (Nicho 2018;Schinagl & Shahim 2020, Schinagl et al 2021). Implementing DSG is progressively positioned as a solution to encounter the ever-increasing number of cyberattacks, as it provides a system that aims to hold a grip on an organization's strategic objectives and ensure that security risks are managed (Tan et al 2017;AlGhamdi et al 2020;Schinagl & Shahim 2020).…”

“…Implementing DSG is progressively positioned as a solution to encounter the ever-increasing number of cyberattacks, as it provides a system that aims to hold a grip on an organization's strategic objectives and ensure that security risks are managed (Tan et al 2017;AlGhamdi et al 2020;Schinagl & Shahim 2020). However, the proliferation of cyberattacks and their high impact implications show that many organizations still perform poorly with respect to successfully implementing DSG (Lidster & Rahman 2018;Jalali et al 2019;AlGhamdi et al 2020;;Schinagl et al 2021).…”

“…A possible clarification is that implementing DSG remains difficult in complex connected digital environments because of increasing "conflicting demands", i.e., tensions (Lidster & Rahman 2018;Slayton 2021;Schinagl et al 2021). Organizations need to achieve their strategic goals and remain competitive through digital innovation, and at the same time, they need to protect and secure assets by implementing DSG mechanisms (Raza et al 2018;Carayannis et al 2019;AlGhamdi 2020).…”

“…In addition, DSG is aimed at reducing risk, whereas innovation efforts require being open to risk taking (Reza et al 2018). Tensions arise between such apparently contradictory yet interrelated elements that conceivably hinder the implementation of DSG (Lidster & Rahman 2018;AlGhamdi 2020;Smith & Baretta 2020;Slayton 2021;Schinagl et al 2021).…”

Digital Security Governance

“…DSG should be implemented as an institutionwide effort that supports digital business strategies and business innovation and manages security risks (Tan et al, 2017;Spremić & Šimunic, 2018;AlGhamdi et al, 2020). This approach of embedding security throughout the organization is considered crucial for establishing and maintaining a firm grip on security in contemporary organizations (Maynard et al, 2018;Schinagl et al, 2021). How do organizations implement digital security governance, and how can organizations govern digital security effectively?…”

“…Organizations therefore increasingly recognize the importance of fundamentally shifting their security approaches "from the basement to the boardroom", that is, from a narrowly focused, isolated IT technical issue toward a strategic, embedded and institutionally comprehensive business issue (McFadzean et al 2007;Kayworth & Whitten 2012;Kolkowska et al 2017;Nicho 2018;Manjezi & Botha 2019;AlGhamdi et al 2020;Schinagl & Shahim 2020;Dhillon et al 2021). In the literature, this strategic consideration of organizing for security throughout the organization and in the digital context refers to the concept of digital security governance (DSG) (Nicho 2018;Schinagl & Shahim 2020, Schinagl et al 2021). Implementing DSG is progressively positioned as a solution to encounter the ever-increasing number of cyberattacks, as it provides a system that aims to hold a grip on an organization's strategic objectives and ensure that security risks are managed (Tan et al 2017;AlGhamdi et al 2020;Schinagl & Shahim 2020).…”

“…Implementing DSG is progressively positioned as a solution to encounter the ever-increasing number of cyberattacks, as it provides a system that aims to hold a grip on an organization's strategic objectives and ensure that security risks are managed (Tan et al 2017;AlGhamdi et al 2020;Schinagl & Shahim 2020). However, the proliferation of cyberattacks and their high impact implications show that many organizations still perform poorly with respect to successfully implementing DSG (Lidster & Rahman 2018;Jalali et al 2019;AlGhamdi et al 2020;;Schinagl et al 2021).…”

“…A possible clarification is that implementing DSG remains difficult in complex connected digital environments because of increasing "conflicting demands", i.e., tensions (Lidster & Rahman 2018;Slayton 2021;Schinagl et al 2021). Organizations need to achieve their strategic goals and remain competitive through digital innovation, and at the same time, they need to protect and secure assets by implementing DSG mechanisms (Raza et al 2018;Carayannis et al 2019;AlGhamdi 2020).…”

“…In addition, DSG is aimed at reducing risk, whereas innovation efforts require being open to risk taking (Reza et al 2018). Tensions arise between such apparently contradictory yet interrelated elements that conceivably hinder the implementation of DSG (Lidster & Rahman 2018;AlGhamdi 2020;Smith & Baretta 2020;Slayton 2021;Schinagl et al 2021).…”

Digital Security Governance

Beschleunigung als Erfolgsfaktor in der digitalen Transformation

Research on platform data security governance strategy based on three-party evolutionary game