As history has taught us, cybersecurity incidents can be devastating to individuals, organizations, and nations. Unfortunately, the U.S. federal government has not been immune from the reality of the devastation caused by cybersecurity incidents. However, it has been suggested that a stronger federal cybersecurity culture can help to avoid cybersecurity incidents. Unfortunately, the current literature is silent on what constitutes federal cybersecurity culture, which would include core elements, possible variations, development, and management.
The purpose of this study was to better understand cybersecurity culture in U.S. federal organizations. To complete this study, a qualitative, exploratory inquiry regarding the core elements of U.S. federal cybersecurity culture was conducted. Specifically, interviews were conducted with 30 federal cybersecurity experts to better understand cybersecurity culture in U.S. federal organizations. The study resulted in seven significant conclusions: (1) employee lack of compliance with cybersecurity policies necessitates greater accountability; (2) U.S. federal organizations need more effective methods of cybersecurity training; (3) U.S. federal organizations should establish a cybersecurity strategic plan; (4) U.S. federal organizations should establish cybersecurity standard operating procedures; (5) U.S. federal organizations need innovative approaches to compete with the private sector in the recruitment of cybersecurity personnel; (6) U.S. federal organizations should collaborate in developing cybersecurity strategy; and (7) U.S. federal organizations need to shift their focus from cybersecurity compliance to cybersecurity maturity. The study concludes with implications for theory and practice as well as recommendations for further research.
The results of this research should serve as a guide for U.S. federal leaders in their efforts to establish a stronger cybersecurity culture, which would enhance the protection of critical information technology assets and sensitive information.
|Advisor:||Marquardt, Michael J.|
|Commitee:||Money, William H., Soule, Ralph T.|
|School:||The George Washington University|
|Department:||Human and Organizational Learning|
|School Location:||United States -- District of Columbia|
|Source:||DAI-A 79/08(E), Dissertation Abstracts International|
|Subjects:||Cultural Resources Management|
|Keywords:||Culture, Cybersecurity, Organizational culture|
Copyright in each Dissertation and Thesis is retained by the author. All Rights Reserved
The supplemental file or files you are about to download were provided to ProQuest by the author as part of a
dissertation or thesis. The supplemental files are provided "AS IS" without warranty. ProQuest is not responsible for the
content, format or impact on the supplemental file(s) on our system. in some cases, the file type may be unknown or
may be a .exe file. We recommend caution as you open such files.
Copyright of the original materials contained in the supplemental file is retained by the author and your access to the
supplemental files is subject to the ProQuest Terms and Conditions of use.
Depending on the size of the file(s) you are downloading, the system may take some time to download them. Please be