AbstractCyber security risk management implementation success has become inevitable for business survival in the 21st century. The increasing challenges of managing cyber security risks, the
elaborate mitigation activities and implementing cybersecurity measures in large Nigerian organisations have brought Cyber Security Risk Management (CSRM) implementation success
to the fore in academics and practitioners' minds. Organisations are still unable to effectively manage these challenges due to the limited knowledge and failures of critical asset identification,
valuation and loss estimation and the business case to invest adequately. Research on success factors for CSRM implementation is an under-researched area presented to facilitate the decision-making process towards CSRM implementation success in large organisations in Nigeria. The researcher's understanding to date demonstrates the lack of security models. It explores the need
and the implications for successful CSRM implementation yet to be assessed in large organisations in Nigeria. Therefore, this study provides opportunities for relevant and innovative
research and shows that it is of great significance to explore this subject among large organisations in Nigeria. The result leads to the successful implementation of CSRM.
Grounded in the socio-technical theory, this research advances and contributes significantly to the body of knowledge because it: examines and evaluates combined social and technical factors
influencing CSRM implementation success in Nigeria, analyses and proposes the adoption of socio-technical success factors. In doing so, propose a model for CSRM success factors as a
decision-making tool and a reference guide in large organisations. This research examined the success factors for CSRM implementation in Nigeria through a qualitative, interpretive, multi-case study research design. Data collection was from semi-structured interviews of thirty subject experts with relevant years of experience in four case organisations' research areas, organisational and public documents. A thematic analysis identified organisational factors to align CSRM implementation needs with organisational objectives with appropriate corporate governance structure and strategies. Comprehensive CSRM process factors enable cybersecurity policies, risk management processes and procedures with various technological tools and controls to engage, guide and influence disciplined people factors and CSRM implementation success efforts. Findings from four case organisations reveal that these factors led to more durable decisions that culminated in the successful implementation of CSRM within an enabling defined legal and political environment.
|Date of Award||2022|
|Supervisor||Rebwar Kamal Gharib (Supervisor), Zilia Iskoujina (Supervisor) & Muhammad Mustafa Kamal (Supervisor)|