Information technology governance and cybersecurity at the board level

IF 0.5 Q4 ENGINEERING, MULTIDISCIPLINARY International Journal of Critical Infrastructures Pub Date : 2020-04-30 DOI:10.1504/ijcis.2020.10029173
A. Sartawi
{"title":"Information technology governance and cybersecurity at the board level","authors":"A. Sartawi","doi":"10.1504/ijcis.2020.10029173","DOIUrl":null,"url":null,"abstract":"Security breaches are very costly in the USA, followed very closely by the Middle East. Shareholders and investors demand that their firms mitigate all kinds of risks, and it is the responsibility of the BOD to gain and maintain their confidence. In view of this scenario, MENA companies need to protect their data, while the BODs need to embed a culture of cybersecurity in the firm. The aim of this paper is to examine the relationship between information technology governance (ITG) and the level of cybersecurity by MENA listed firms. The study used a checklist to collect data from a sample of 94 firms listed in the financial stock markets of the MENA countries for the year ended 2018. The study found that there is a significant and direct relationship between ITG and the level of a firm's cybersecurity. This indicates the importance of appointing board members with IT knowledge and experience. This leads to better decisions taken by the BODs when faced with cyber-threats and challenges. In addition, IT expertise on the BODs can be important to understand what the Heads of IT are doing on the inside and, thus being knowledgeable enough to challenge their actions.","PeriodicalId":44956,"journal":{"name":"International Journal of Critical Infrastructures","volume":"1 1","pages":""},"PeriodicalIF":0.5000,"publicationDate":"2020-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"20","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Critical Infrastructures","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/ijcis.2020.10029173","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"ENGINEERING, MULTIDISCIPLINARY","Score":null,"Total":0}
引用次数: 20

Abstract

Security breaches are very costly in the USA, followed very closely by the Middle East. Shareholders and investors demand that their firms mitigate all kinds of risks, and it is the responsibility of the BOD to gain and maintain their confidence. In view of this scenario, MENA companies need to protect their data, while the BODs need to embed a culture of cybersecurity in the firm. The aim of this paper is to examine the relationship between information technology governance (ITG) and the level of cybersecurity by MENA listed firms. The study used a checklist to collect data from a sample of 94 firms listed in the financial stock markets of the MENA countries for the year ended 2018. The study found that there is a significant and direct relationship between ITG and the level of a firm's cybersecurity. This indicates the importance of appointing board members with IT knowledge and experience. This leads to better decisions taken by the BODs when faced with cyber-threats and challenges. In addition, IT expertise on the BODs can be important to understand what the Heads of IT are doing on the inside and, thus being knowledgeable enough to challenge their actions.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
董事会层面的信息技术治理和网络安全
在美国,安全漏洞的代价非常高昂,紧随其后的是中东。股东和投资者要求他们的公司降低各种风险,董事会有责任获得和保持他们的信心。鉴于这种情况,中东和北非地区的公司需要保护他们的数据,而董事会需要在公司中嵌入网络安全文化。本文的目的是研究信息技术治理(ITG)与中东和北非上市公司网络安全水平之间的关系。该研究使用清单收集了截至2018年的94家在中东和北非国家金融股票市场上市的公司的样本数据。研究发现,ITG与企业网络安全水平之间存在显著且直接的关系。这表明任命具有IT知识和经验的董事会成员的重要性。这使得董事会在面对网络威胁和挑战时能够做出更好的决策。此外,董事会的IT专业知识对于理解IT主管在内部做什么很重要,因此要有足够的知识来挑战他们的行为。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
International Journal of Critical Infrastructures
International Journal of Critical Infrastructures ENGINEERING, MULTIDISCIPLINARY-
CiteScore
2.00
自引率
16.70%
发文量
29
期刊介绍: IJCIS is an inter-disciplinary and refereed journal that provides a professional and scholarly forum for cross-learning between different scientific and technological disciplines, and between business and economic, as well as between societal and managerial, disciplines in the area of critical infrastructures. Critical infrastructures are networks for the provision of telecommunication and information services, energy services, water supply, transportation of people and goods, banking and financial services, government services and emergency services. By addressing commonalities and interrelationships between the various sectors, IJCIS enables scientists, policy makers and professionals in the field to learn from experiences in other countries and in other infrastructure sectors.
期刊最新文献
CPW-Fed Printed Patch Antenna for 5G-IoT Infrastructure Development The dynamic and secure storage of enterprise financial data based on cloud platform Application of Deep Learning Approach for detecting Brain Tumor in MR Images The Vibration Control of Magnetorheological Elastomer Damper for Eccentric Workshop Enabling Active Safety System along with Realtime monitoring and audio alerts in Two Wheelers through Smart Helmet System
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1