{"id":"https://openalex.org/W2617816955","doi":"https://doi.org/10.1108/ics-02-2016-0013","title":"The role of the chief information security officer in the management of IT security","display_name":"The role of the chief information security officer in the management of IT security","publication_year":2017,"publication_date":"2017-05-24","ids":{"openalex":"https://openalex.org/W2617816955","doi":"https://doi.org/10.1108/ics-02-2016-0013","mag":"2617816955"},"language":"en","primary_location":{"id":"doi:10.1108/ics-02-2016-0013","is_oa":false,"landing_page_url":"https://doi.org/10.1108/ics-02-2016-0013","pdf_url":null,"source":{"id":"https://openalex.org/S4210195545","display_name":"Information and Computer Security","issn_l":"2056-4961","issn":["2056-4961","2056-497X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information &amp; Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5074267765","display_name":"Erastus Karanja","orcid":"https://orcid.org/0000-0002-9475-3665"},"institutions":[{"id":"https://openalex.org/I123127086","display_name":"North Carolina Central University","ror":"https://ror.org/051r3tx83","country_code":"US","type":"education","lineage":["https://openalex.org/I123127086"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Erastus Karanja","raw_affiliation_strings":["Department of Computer Information Systems, North Carolina Central University, Durham, North Carolina, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Information Systems, North Carolina Central University, Durham, North Carolina, USA","institution_ids":["https://openalex.org/I123127086"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5074267765"],"corresponding_institution_ids":["https://openalex.org/I123127086"],"apc_list":null,"apc_paid":null,"fwci":3.3854,"has_fulltext":false,"cited_by_count":32,"citation_normalized_percentile":{"value":0.93503584,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"25","issue":"3","first_page":"300","last_page":"329"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9909999966621399,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11572","display_name":"Information Technology Governance and Strategy","score":0.9901999831199646,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/sophistication","display_name":"Sophistication","score":0.6936227083206177},{"id":"https://openalex.org/keywords/officer","display_name":"Officer","score":0.6846228241920471},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.6576646566390991},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.5817519426345825},{"id":"https://openalex.org/keywords/originality","display_name":"Originality","score":0.48335713148117065},{"id":"https://openalex.org/keywords/public-relations","display_name":"Public relations","score":0.46300390362739563},{"id":"https://openalex.org/keywords/security-management","display_name":"Security management","score":0.43239596486091614},{"id":"https://openalex.org/keywords/certified-information-security-manager","display_name":"Certified Information Security Manager","score":0.4306635856628418},{"id":"https://openalex.org/keywords/marketing","display_name":"Marketing","score":0.3347601890563965},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.33171314001083374},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2575024366378784},{"id":"https://openalex.org/keywords/finance","display_name":"Finance","score":0.24390387535095215},{"id":"https://openalex.org/keywords/qualitative-research","display_name":"Qualitative research","score":0.22964641451835632},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.16375979781150818},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.13159909844398499},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.11214935779571533},{"id":"https://openalex.org/keywords/sociology","display_name":"Sociology","score":0.09659141302108765}],"concepts":[{"id":"https://openalex.org/C168725872","wikidata":"https://www.wikidata.org/wiki/Q991663","display_name":"Sophistication","level":2,"score":0.6936227083206177},{"id":"https://openalex.org/C2777189325","wikidata":"https://www.wikidata.org/wiki/Q61022630","display_name":"Officer","level":2,"score":0.6846228241920471},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.6576646566390991},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.5817519426345825},{"id":"https://openalex.org/C2776950860","wikidata":"https://www.wikidata.org/wiki/Q2914681","display_name":"Originality","level":3,"score":0.48335713148117065},{"id":"https://openalex.org/C39549134","wikidata":"https://www.wikidata.org/wiki/Q133080","display_name":"Public relations","level":1,"score":0.46300390362739563},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.43239596486091614},{"id":"https://openalex.org/C180823521","wikidata":"https://www.wikidata.org/wiki/Q1662502","display_name":"Certified Information Security Manager","level":5,"score":0.4306635856628418},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.3347601890563965},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.33171314001083374},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2575024366378784},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.24390387535095215},{"id":"https://openalex.org/C190248442","wikidata":"https://www.wikidata.org/wiki/Q839486","display_name":"Qualitative research","level":2,"score":0.22964641451835632},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.16375979781150818},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.13159909844398499},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.11214935779571533},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.09659141302108765},{"id":"https://openalex.org/C36289849","wikidata":"https://www.wikidata.org/wiki/Q34749","display_name":"Social science","level":1,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1108/ics-02-2016-0013","is_oa":false,"landing_page_url":"https://doi.org/10.1108/ics-02-2016-0013","pdf_url":null,"source":{"id":"https://openalex.org/S4210195545","display_name":"Information and Computer Security","issn_l":"2056-4961","issn":["2056-4961","2056-497X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information &amp; Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":66,"referenced_works":["https://openalex.org/W79229537","https://openalex.org/W168995569","https://openalex.org/W327362466","https://openalex.org/W588863799","https://openalex.org/W1493645886","https://openalex.org/W1506837987","https://openalex.org/W1511583883","https://openalex.org/W1515621739","https://openalex.org/W1604682389","https://openalex.org/W1715414298","https://openalex.org/W1938311840","https://openalex.org/W1964044985","https://openalex.org/W1972093152","https://openalex.org/W1977534227","https://openalex.org/W1987722700","https://openalex.org/W1997537847","https://openalex.org/W1999589374","https://openalex.org/W2002282625","https://openalex.org/W2012270501","https://openalex.org/W2012352432","https://openalex.org/W2013318972","https://openalex.org/W2019558715","https://openalex.org/W2033457500","https://openalex.org/W2034382614","https://openalex.org/W2037104605","https://openalex.org/W2037435283","https://openalex.org/W2047025305","https://openalex.org/W2058723179","https://openalex.org/W2062741415","https://openalex.org/W2064189328","https://openalex.org/W2079249836","https://openalex.org/W2080053209","https://openalex.org/W2082947254","https://openalex.org/W2091494072","https://openalex.org/W2095299437","https://openalex.org/W2096726050","https://openalex.org/W2101384705","https://openalex.org/W2118965472","https://openalex.org/W2122328334","https://openalex.org/W2133792010","https://openalex.org/W2135514582","https://openalex.org/W2136815068","https://openalex.org/W2140590715","https://openalex.org/W2143472739","https://openalex.org/W2156438052","https://openalex.org/W2158310699","https://openalex.org/W2159817467","https://openalex.org/W2171942130","https://openalex.org/W2199612315","https://openalex.org/W2282855837","https://openalex.org/W2291798430","https://openalex.org/W2341902149","https://openalex.org/W2418057537","https://openalex.org/W2517222954","https://openalex.org/W2560397594","https://openalex.org/W2567012703","https://openalex.org/W2752617332","https://openalex.org/W3122529229","https://openalex.org/W3124558050","https://openalex.org/W3125937830","https://openalex.org/W3144800719","https://openalex.org/W3214833809","https://openalex.org/W4245681663","https://openalex.org/W4255223229","https://openalex.org/W4285719527","https://openalex.org/W4402304847"],"related_works":["https://openalex.org/W4310892428","https://openalex.org/W23579156","https://openalex.org/W2777401565","https://openalex.org/W2934984010","https://openalex.org/W2056794087","https://openalex.org/W2120971814","https://openalex.org/W2403291514","https://openalex.org/W2473642314","https://openalex.org/W2028303111","https://openalex.org/W2617816955"],"abstract_inverted_index":{"Purpose":[0],"The":[1,56,80,117,191,219],"aim":[2],"of":[3,13,34,41,51,67,84,94,128,140,149,164,204,227,234,248],"this":[4],"study":[5,81],"is":[6,31,154,237,240],"to":[7,73,90,111,180,213,229],"advance":[8,209],"research":[9,36,58,210,222],"on":[10,38,157,201,211],"the":[11,14,18,39,49,62,112,122,129,141,147,158,165,172,176,181,202,232,243,249,256,265],"position":[12],"CISO":[15,159,170,177],"by":[16,242,263],"investigating":[17],"role":[19,40],"that":[20,71,97,120,136,167,223],"CISOs":[21,205],"play":[22],"before":[23],"and":[24,65,87,104,106,146,198,239,246,259,268],"after":[25],"an":[26,225],"IT":[27,68,99,113,123,143,196,215,235,250],"security":[28,45,69,100,114,124,144,216,233,251],"breach.":[29],"There":[30],"a":[32,42,92,126,133,138,150,169],"dearth":[33],"academic":[35],"literature":[37,59],"chief":[43],"information":[44],"officer":[46],"(CISO)":[47],"in":[48,76],"management":[50],"Information":[52,187],"Technology":[53],"(IT)":[54],"security.":[55],"limited":[57],"exists":[60],"despite":[61],"increasing":[63],"number":[64,127],"complexity":[66],"breaches":[70,101,252],"lead":[72],"significant":[74,257],"erosions":[75],"business":[77],"value.":[78],"Design/methodology/approach":[79],"makes":[82],"use":[83],"content":[85],"analysis":[86],"agency":[88],"theory":[89],"explore":[91],"sample":[93],"US":[95],"firms":[96,109,131,166,267],"experienced":[98],"between":[102],"2009":[103],"2015":[105],"how":[107,212,228],"these":[108],"reacted":[110],"breaches.":[115],"Findings":[116],"results":[118],"indicate":[119],"following":[121],"breaches,":[125],"impacted":[130],"adopted":[132],"reactive":[134],"plan":[135],"entailed":[137],"re-organization":[139],"existing":[142],"strategy":[145],"hiring":[148],"CISO.":[151],"Also,":[152],"there":[153],"no":[155],"consensus":[156],"reporting":[160],"structure":[161],"since":[162],"most":[163],"hired":[168],"for":[171,221],"first":[173],"time":[174],"had":[175],"report":[178],"either":[179],"Chief":[182,186],"Executive":[183],"Officer":[184],"or":[185],"Officer.":[188],"Research":[189],"limitations/implications":[190],"findings":[192],"will":[193],"inform":[194],"researchers,":[195],"educators":[197],"industry":[199],"practitioners":[200],"roles":[203],"as":[206,208,253,255],"well":[207,254],"mitigate":[214],"vulnerabilities.":[217],"Originality/value":[218],"need":[220],"advances":[224],"understanding":[226],"effectively":[230],"manage":[231],"resources":[236],"timely":[238],"driven":[241],"growing":[244],"frequency":[245],"sophistication":[247],"direct":[258],"indirect":[260],"costs":[261],"incurred":[262],"both":[264],"affected":[266],"their":[269],"stakeholders.":[270]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":7},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}