Abstract
Cybersecurity management is often seen as complex and non-linear because of the constantly evolving factors such as technology, agents, and the type and nature of cyber threats that make it difficult to design sustainable interventions. Importantly, institutions, society and markets are in a continuous process of evolution. It is this evolution that makes cybersecurity governance complex to manage. Management is currently faced with an insufficient understanding of sustainable interventions that would address the evolution of cybersecurity governance in meaningful ways. This study addresses this conundrum by drawing on theories such as social systems theory and post-structuralism from management and information systems disciplines to develop a solid framework for effective cybersecurity governance. The quantitative research that was carried out drew important constructs that would assist in understanding cybersecurity governance. These constructs were tested empirically to determine which of them would most likely address a sustainable cybersecurity governance approach. The quantitative research approach was useful since it was effective in answering the quantifiable ‘what’ and ‘how’ types of questions...
M.Com. (Information Technology Management)