Six Board Roles for Information Security Governance

Research output: Contribution to journal, Conference Article in journal, Academic, peer-review

Abstract

As cyber threats evolve, board engagement is becoming increasingly essential to ensure Information Security (InfoSec) is integrated into an organization's strategic fabric, ensuring the protection of business value. Only through board-level active participation can the organization develop a security-conscious culture. Ultimately, board commitment to InfoSec helps reduce risks, maintain stakeholder trust, and ensure long-term success. However, little is yet known about the board's exact role in InfoSec. Leveraging a framework from corporate governance literature identifying board roles, and drawing parallels with extant InfoSec literature, this paper explores board-level involvement in InfoSec in greater depth, leading to the identification and description of the board of directors' roles in this context. Moreover, the paper identifies a future research agenda to be pursued in an empirical setting to contribute to the growth of knowledge regarding board-level InfoSec governance.

Original language: English
Pages (from-to): 713-720
Number of pages: 8
Journal: International Conference on Enterprise Information Systems, ICEIS - Proceedings
Volume: 2
Publication status: Published - 2024
Event: 26th International Conference on Enterprise Information Systems, ICEIS 2024 - Angers, France
Duration: 28 Apr 2024 to 30 Apr 2024
https://iceis.scitevents.org/?y=2024

Keywords

  • Accountability
  • Board of Directors
  • Governance
  • Information Security (InfoSec)
