Board Level Balanced Scorecard for Cyber Resilience
| dc.contributor.author | Pearlson, Keri | |
| dc.contributor.author | Prakash, Mridula | |
| dc.date.accessioned | 2023-12-26T18:51:13Z | |
| dc.date.available | 2023-12-26T18:51:13Z | |
| dc.date.issued | 2024-01-03 | |
| dc.identifier.doi | 10.24251/HICSS.2023.810 | |
| dc.identifier.isbn | 978-0-9981331-7-1 | |
| dc.identifier.other | 3c07f15d-1a7a-46a5-b957-c62a942392b1 | |
| dc.identifier.uri | https://hdl.handle.net/10125/107196 | |
| dc.language.iso | eng | |
| dc.relation.ispartof | Proceedings of the 57th Hawaii International Conference on System Sciences | |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
| dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
| dc.subject | Special Topics in Organizational Systems and Technology | |
| dc.subject | balanced scorecard | |
| dc.subject | boards of directors | |
| dc.subject | cyber resilience | |
| dc.subject | cyber risk | |
| dc.subject | cybersecurity | |
| dc.title | Board Level Balanced Scorecard for Cyber Resilience | |
| dc.type | Conference Paper | |
| dc.type.dcmi | Text | |
| dcterms.abstract | Boards of Directors (BODs) have a unique role in managing cybersecurity: they provide oversight to operational and strategic decisions while executing a fiduciary responsibility to manage cyber-risk. Since organizations cannot count on 100% protection, BODs must ensure their organizations are cyber-resilient, and can recover quickly from cyber incidents. But BOD reporting mechanisms are inadequate for this role. Most of the reporting to BODs are on operational metrics around protection, not cyber-resilience and the business at risk from a cyber incident. This paper suggests a balanced scorecard for cyber resilience (BSCR) for BODs. This theory-building research was informed by surveys and focus groups of cybersecurity leaders and board members. The BSCR gives business context-based insights and metrics on the biggest risks to cybersecurity resilience faced by their organization, and the investments their operational managers have made to mitigate the impact of these risks. Armed with the BSCR, BODs have the information they need for meaningful discussions and evaluation of their organization’s cyber-resiliency. | |
| dcterms.extent | 9 pages | |
| prism.startingpage | 6768 |
Files
Original bundle
1 - 1 of 1