The Role of Governance in Achieving Sustainable Cybersecurity for Business Corporations

Abstract

The study discusses the role of governance in the sustainability of cybersecurity for business corporations. Its objectives focus on tracking technology developments and their impact on industrial espionage attacks and theft of industrial intellectual property. It also identifies the indicators and effects of such espionage and theft on business corporations. The study is based on the content analysis methodology for analyzing intellectual production pertinent to cybersecurity governance and industrial cyber espionage. The study concludes that relying on information and communication technology without adopting a cybersecurity integrated approach including technical, organizational, and social measures leads to the disclosure of a corporation’s trade secrets by unauthorized persons. Moreover, loss of competitive advantage and damage to the corporate’s financial affairs and reputation may occur. The most important indicators of the study predicting dangers affecting business corporations are the absence of a strategic plan for cybersecurity, inefficient programs for training and cybersecurity awareness, and a lack of secure infrastructure. The vulnerability of business corporations to breaches has many implications. The study shows that cybersecurity governance in turn prepares the corporation to encounter risks targeting its trade secrets. The study finds that there are three integrated elements processes, technology, and persons, for establishing an effective cybersecurity governance program. Accordingly, the main aspects of cybersecurity governance can be employed. The study highlights a range of challenges that business corporations may face when implementing the cybersecurity governance program. These challenges are related to cybersecurity strategy, unified processes, implementation and accountability, senior leadership control, and resources.