Success factors influencing cyber security risk management implementation: the cases of large Nigerian organisations

    Student thesis: Doctoral ThesisDoctor of Philosophy


    Cyber security risk management implementation success has become inevitable for business survival in the 21st century. The increasing challenges of managing cyber security risks, the
    elaborate mitigation activities and implementing cybersecurity measures in large Nigerian organisations have brought Cyber Security Risk Management (CSRM) implementation success
    to the fore in academics and practitioners' minds. Organisations are still unable to effectively manage these challenges due to the limited knowledge and failures of critical asset identification,
    valuation and loss estimation and the business case to invest adequately. Research on success factors for CSRM implementation is an under-researched area presented to facilitate the decision-making process towards CSRM implementation success in large organisations in Nigeria. The researcher's understanding to date demonstrates the lack of security models. It explores the need
    and the implications for successful CSRM implementation yet to be assessed in large organisations in Nigeria. Therefore, this study provides opportunities for relevant and innovative
    research and shows that it is of great significance to explore this subject among large organisations in Nigeria. The result leads to the successful implementation of CSRM.

    Grounded in the socio-technical theory, this research advances and contributes significantly to the body of knowledge because it: examines and evaluates combined social and technical factors
    influencing CSRM implementation success in Nigeria, analyses and proposes the adoption of socio-technical success factors. In doing so, propose a model for CSRM success factors as a
    decision-making tool and a reference guide in large organisations. This research examined the success factors for CSRM implementation in Nigeria through a qualitative, interpretive, multi-case study research design. Data collection was from semi-structured interviews of thirty subject experts with relevant years of experience in four case organisations' research areas, organisational and public documents. A thematic analysis identified organisational factors to align CSRM implementation needs with organisational objectives with appropriate corporate governance structure and strategies. Comprehensive CSRM process factors enable cybersecurity policies, risk management processes and procedures with various technological tools and controls to engage, guide and influence disciplined people factors and CSRM implementation success efforts. Findings from four case organisations reveal that these factors led to more durable decisions that culminated in the successful implementation of CSRM within an enabling defined legal and political environment.
    Date of Award2022
    Original languageEnglish
    Awarding Institution
    • Coventry University
    SupervisorRebwar Kamal Gharib (Supervisor), Zilia Iskoujina (Supervisor) & Muhammad Mustafa Kamal (Supervisor)

    Cite this