An Exploration of Developing Issues and the relationship between Information Technology Governance and Multi-stakeholder Security Governance Scaling for Cyber Security Decision-Makers within the UK Small and Medium-Sized Enterprises Aviation

Ademola, Ojo Emmanuel (2021) An Exploration of Developing Issues and the relationship between Information Technology Governance and Multi-stakeholder Security Governance Scaling for Cyber Security Decision-Makers within the UK Small and Medium-Sized Enterprises Aviation. Doctoral thesis, ATLANTIC INTERNATIONAL UNIVERSITY HONOLULU, HAWAII.

Text Doctoral Thesis.docx - Published Version Download (1MB)

Abstract

The objective of this study is to feature the developing issues and explore the relationship between Information Technology Governance (ITG) and Multi-stakeholder Security Governance Scaling (MSGS) for decision-makers within the UK’s SME Aviation, which should benefit academia and practitioners. By conducting an extensive literature review, covering expert and scholarly writing, lean implementation thinking, SMEs cyber policymaking industrial and grand synergy, a profound knowledge level and concise synthesis can be presented, which informs the exploratory secondary qualitative research. In creating the framework, a process theory approach is pursued by transcribing primary data into secondary data to develop models and identify themes with a purposive survey sample from SMEs decision-makers. The sample consists of 2008 respondents of the SMEs from six industrial sectors with mainly UK’s SME Aviation. After the transcription of data, the output then reanalysed with principal component and link analysis tools. The outcome led to the lean adoption to cyber policymaking in SMEs. Core findings are that implementable cyber policy is at the heart of integration between ITG and MSGS. Decision-makers should consider the security culture of the SMEs Aviation and put in place an efficient information assurance and risk management guide. It becomes evident that the identifiable relationships between ITG and MSGS are due to scaling approach to implementable cyber policy. Suitable key performance indicators, metrics, dynamic approach to scaling are essential to implementable cyber policymaking. Interestingly, adoption of inappropriate scaling technique to security policies guidelines could affect the right balance of profiling negatively, assuring and delivering cybersecurity. Overall, decision-makers must produce a strategy of inclusion, training, communication for the integration of frameworks. Such a scaling approach provides a template for agile adoption to implementable cyber policymaking. Even though this study could build an academic bridge between academia and practice, there could be possible improvement using primary data via interviewing across numbers of SMEs Aviation from various countries, which could be a limitation as well as an opportunity for future research. Conclusively, it can be stated that implementable cyber policy must be adequately adapted to SMEs business environment of an industrial sector as industrial and grand cybersecurity strategy.

Actions (login required)

View Item