Resilient Information Security Governance & Management

Resilient Information Security Governance & Management

Research line: Learning and Innovation in Resilient Systems
PhD project
Start 2021

Contact: prof. dr. Rob Kusters

As data grows in volume and (strategic) importance, organizations are increasingly facing challenges related to its confidentiality, integrity and availability. In this context, organizations have clear incentives to strive for effective information security governance and management (ISG&M). At the same time organizations are facing an increasingly complex and dynamic environment. A fast-evolving digital environment means fast-evolving security challenges and an increasing threat complexity. 
The present research focuses on how organizations can organize ISG&M to best prevent the materialization of these risks. To answer this question, not only knowledge related to information science is required (how to organize SG&M on an organizational level), but also an understanding of organizational behavior theories. It is essential to grasp the evolution in employee behavior (and its predictors) over time to determine whether an ISG&M implementation will become firmly rooted within the organization. Therefore we aim to investigate the concept of ISG&M through Beer's (1981) Viable System Model (VSM), combined with Ajzen’s (1991) Theory of Planned Behavior (TPB).


Faculty of Science: prof. dr. Rob Kusters, dr. Tim Huygh 
Faculty of Management: prof dr. Robertjan Blomme