Leadership and Culture

About this theme

Cyber security is central to the health and resilience of any organisation and this places it firmly within the responsibility of the Board. But it also means that enabling and facilitating good cyber security practices spans the whole of an organisation and is not simply the remit of the IT or technical teams.

Supporting those people in leadership positions of an organisation to make the best possible decisions about cyber security practices is desperately needed. This includes:

  • Support to navigate cyber risk management,
  • Providing accurate and relevant data/information presented in the most effective way,
  • Understanding the economics and incentives of cyber markets,
  • Facilitating a shared narrative and language between leaders, staff and cyber security experts

This theme will draw through the research from Phase One as well as the Cyber Readiness for Boards research project currently in progress. It will harvest the outputs of the recent work into economics, regulation and incentives by RISCS, NCSC and DCMS to provide input into future cyber security policy and legislation.

Research fellow

Berta Pappenheim

Related Projects

Games and Abstraction: The Science of Cyber Security

ChAISe: Choice Architecture for Information Security

Productive Security: Improving security compliance and productivity through measurement

Visualising Access Control Policies

cSALSA: Cyber Security Across the Life Span

UK Cybersecurity Policy Map

Leveraging the Multi-Stakeholder Nature of Cyber Security

Keeping the Internet of Things Secure: Investigating Incentives for ISPs and Individuals in the UK and Japan

MERIT: a fraMEwoRk to model and IncenTivise cyber security investment decisions

Social Machines

Incentivising Cybersecurity through Cyber Insurance

Economic Metrics for Supporting Cyber Security Investment Decision-Making

CR4B: Cyber Readiness for Boards