An Analysis of Executive Managers Acceptance of Cyber Security Risk Management – A Systematic Review

Outlet Title

AMCIS 2025 Proceedings: Cybersecurity, Privacy, & Ethics

Authors

Lordt Becklines, Dakota State University
Omar F. El-Gayar, Dakota State UniversityFollow

Document Type

Conference Proceeding

Publication Date

2025

Abstract

Information security is vital for safeguarding critical assets and services from cyber threats, but it incurs significant organizational costs and technological reliance, raising questions about its value and necessity. Security is not merely a technical issue but a strategic one requiring executive managers' involvement. This study examines how executive management's participation in information security risk management (ISRM) affects organizational security. A systematic literature review of 69 articles identifies the aspects and impacts of executive managers' (EM) involvement in cybersecurity risk management (CRM). Findings indicate that EM involvement is crucial for corporate strategy and business success, enhancing security, visibility and accountability at higher levels. EMs play a key role in protecting critical assets, aligning security strategy with business goals, and fostering a culture of awareness and responsibility. The paper proposes a best practice framework for maintaining EM involvement in CRM, aligning cybersecurity strategy with organizational goals while balancing costs and benefits.

Recommended Citation

Becklines, Lordt and El-Gayar, Omar F., "An Analysis of Executive Managers Acceptance of Cyber Security Risk Management – A Systematic Review" (2025). Research & Publications. 453.
https://scholar.dsu.edu/bispapers/453