Kristel M. de Nobrega , Anne-F. Rutkowski , Carol Saunders
{"title":"The whole of cyber defense: Syncing practice and theory","authors":"Kristel M. de Nobrega , Anne-F. Rutkowski , Carol Saunders","doi":"10.1016/j.jsis.2024.101861","DOIUrl":null,"url":null,"abstract":"<div><div>This review explores the problems Chief Information Security Officers (CISOs) and other cyber professionals face when defending their organization against cyberattacks. Using a Cyber Defense Grid, which was developed based on military science and cybersecurity concepts and terminology, we coded 125 articles published in Information Systems (IS) journals. We also employed three avenues (i.e., lenses) from cybernetic theory to frame the coding results to derive cyber defense strategies. In particular, we propose three strategic cyber defense modes: reactive, heuristic, and proactive. Taken together, these three modes suggest ways in which organizations can react strategically within the whole cyber defense domain.</div></div>","PeriodicalId":50037,"journal":{"name":"Journal of Strategic Information Systems","volume":"33 4","pages":"Article 101861"},"PeriodicalIF":8.7000,"publicationDate":"2024-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Strategic Information Systems","FirstCategoryId":"91","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S096386872400043X","RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
This review explores the problems Chief Information Security Officers (CISOs) and other cyber professionals face when defending their organization against cyberattacks. Using a Cyber Defense Grid, which was developed based on military science and cybersecurity concepts and terminology, we coded 125 articles published in Information Systems (IS) journals. We also employed three avenues (i.e., lenses) from cybernetic theory to frame the coding results to derive cyber defense strategies. In particular, we propose three strategic cyber defense modes: reactive, heuristic, and proactive. Taken together, these three modes suggest ways in which organizations can react strategically within the whole cyber defense domain.
期刊介绍:
The Journal of Strategic Information Systems focuses on the strategic management, business and organizational issues associated with the introduction and utilization of information systems, and considers these issues in a global context. The emphasis is on the incorporation of IT into organizations'' strategic thinking, strategy alignment, organizational arrangements and management of change issues.