{"id":"https://openalex.org/W7154033452","doi":"https://doi.org/10.1145/3772318.3791142","title":"From Oversight to Insight: Transforming Cybersecurity Governance in Boardrooms","display_name":"From Oversight to Insight: Transforming Cybersecurity Governance in Boardrooms","publication_year":2026,"publication_date":"2026-04-13","ids":{"openalex":"https://openalex.org/W7154033452","doi":"https://doi.org/10.1145/3772318.3791142"},"language":null,"primary_location":{"id":"doi:10.1145/3772318.3791142","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3772318.3791142","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2026 CHI Conference on Human Factors in Computing Systems","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3772318.3791142","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5028416574","display_name":"Tooba Aamir","orcid":"https://orcid.org/0000-0001-6190-1863"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"government","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Tooba Aamir","raw_affiliation_strings":["Data61, CSIRO, Clayton, VIC, Australia"],"raw_orcid":"https://orcid.org/0000-0001-6190-1863","affiliations":[{"raw_affiliation_string":"Data61, CSIRO, Clayton, VIC, Australia","institution_ids":["https://openalex.org/I1292875679","https://openalex.org/I42894916"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5117284972","display_name":"Georgia Psaroulis","orcid":"https://orcid.org/0000-0002-5802-8642"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"government","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Georgia Psaroulis","raw_affiliation_strings":["Geo-Spir, Perth, Australia"],"raw_orcid":"https://orcid.org/0000-0002-5802-8642","affiliations":[{"raw_affiliation_string":"Geo-Spir, Perth, Australia","institution_ids":["https://openalex.org/I1292875679"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058516861","display_name":"Marthie Grobler","orcid":"https://orcid.org/0000-0001-6933-0145"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"government","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Marthie Grobler","raw_affiliation_strings":["Data61, CSIRO, Melbourne, Victoria, Australia"],"raw_orcid":"https://orcid.org/0000-0001-6933-0145","affiliations":[{"raw_affiliation_string":"Data61, CSIRO, Melbourne, Victoria, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5035745103","display_name":"Helge Janicke","orcid":"https://orcid.org/0000-0002-1345-2829"},"institutions":[{"id":"https://openalex.org/I12079687","display_name":"Edith Cowan University","ror":"https://ror.org/05jhnwe22","country_code":"AU","type":"education","lineage":["https://openalex.org/I12079687"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Helge Janicke","raw_affiliation_strings":["Security Research Institute, Edith Cowan University, Perth, Western Australia, Australia"],"raw_orcid":"https://orcid.org/0000-0002-1345-2829","affiliations":[{"raw_affiliation_string":"Security Research Institute, Edith Cowan University, Perth, Western Australia, Australia","institution_ids":["https://openalex.org/I12079687"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.5959428,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"22"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.2851000130176544,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.2851000130176544,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12221","display_name":"Cybersecurity and Cyber Warfare Studies","score":0.08479999750852585,"subfield":{"id":"https://openalex.org/subfields/3320","display_name":"Political Science and International Relations"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11572","display_name":"Information Technology Governance and Strategy","score":0.08030000329017639,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/corporate-governance","display_name":"Corporate governance","score":0.753000020980835},{"id":"https://openalex.org/keywords/fiduciary","display_name":"Fiduciary","score":0.6342999935150146},{"id":"https://openalex.org/keywords/information-governance","display_name":"Information governance","score":0.5601999759674072},{"id":"https://openalex.org/keywords/work","display_name":"Work (physics)","score":0.5047000050544739},{"id":"https://openalex.org/keywords/resilience","display_name":"Resilience (materials science)","score":0.5005000233650208},{"id":"https://openalex.org/keywords/data-breach","display_name":"Data breach","score":0.41130000352859497},{"id":"https://openalex.org/keywords/intersection","display_name":"Intersection (aeronautics)","score":0.38089999556541443},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.353300005197525}],"concepts":[{"id":"https://openalex.org/C39389867","wikidata":"https://www.wikidata.org/wiki/Q380767","display_name":"Corporate governance","level":2,"score":0.753000020980835},{"id":"https://openalex.org/C2776697845","wikidata":"https://www.wikidata.org/wiki/Q537098","display_name":"Fiduciary","level":3,"score":0.6342999935150146},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.5982000231742859},{"id":"https://openalex.org/C39549134","wikidata":"https://www.wikidata.org/wiki/Q133080","display_name":"Public relations","level":1,"score":0.5760999917984009},{"id":"https://openalex.org/C189922023","wikidata":"https://www.wikidata.org/wiki/Q17056348","display_name":"Information governance","level":4,"score":0.5601999759674072},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.5047000050544739},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.5005000233650208},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.41130000352859497},{"id":"https://openalex.org/C64543145","wikidata":"https://www.wikidata.org/wiki/Q162942","display_name":"Intersection (aeronautics)","level":2,"score":0.38089999556541443},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.36059999465942383},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.353300005197525},{"id":"https://openalex.org/C27548731","wikidata":"https://www.wikidata.org/wiki/Q88272","display_name":"Investment (military)","level":3,"score":0.3224000036716461},{"id":"https://openalex.org/C3116431","wikidata":"https://www.wikidata.org/wiki/Q31728","display_name":"Public administration","level":1,"score":0.31690001487731934},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.3167000114917755},{"id":"https://openalex.org/C22607594","wikidata":"https://www.wikidata.org/wiki/Q5375150","display_name":"Enabling","level":2,"score":0.3147999942302704},{"id":"https://openalex.org/C196879817","wikidata":"https://www.wikidata.org/wiki/Q872685","display_name":"Data governance","level":4,"score":0.31130000948905945},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.3102000057697296},{"id":"https://openalex.org/C69360830","wikidata":"https://www.wikidata.org/wiki/Q1172237","display_name":"Data Protection Act 1998","level":2,"score":0.30630001425743103},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.30410000681877136},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.3028999865055084},{"id":"https://openalex.org/C190248442","wikidata":"https://www.wikidata.org/wiki/Q839486","display_name":"Qualitative research","level":2,"score":0.28850001096725464},{"id":"https://openalex.org/C121017731","wikidata":"https://www.wikidata.org/wiki/Q11661","display_name":"Information technology","level":2,"score":0.26460000872612},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.25110000371932983}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3772318.3791142","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3772318.3791142","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2026 CHI Conference on Human Factors in Computing Systems","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3772318.3791142","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3772318.3791142","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2026 CHI Conference on Human Factors in Computing Systems","raw_type":"proceedings-article"},"sustainable_development_goals":[{"display_name":"Quality Education","id":"https://metadata.un.org/sdg/4","score":0.8442749381065369}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":47,"referenced_works":["https://openalex.org/W98908339","https://openalex.org/W1988147352","https://openalex.org/W2041562787","https://openalex.org/W2150175719","https://openalex.org/W2162251541","https://openalex.org/W2284386481","https://openalex.org/W2343069507","https://openalex.org/W2494240753","https://openalex.org/W2752464345","https://openalex.org/W2791640790","https://openalex.org/W2794922599","https://openalex.org/W2911124423","https://openalex.org/W2946844474","https://openalex.org/W2950504429","https://openalex.org/W2962178652","https://openalex.org/W2968598478","https://openalex.org/W3004617639","https://openalex.org/W3028100120","https://openalex.org/W3059467696","https://openalex.org/W3091881793","https://openalex.org/W3092017098","https://openalex.org/W3125572029","https://openalex.org/W3158068843","https://openalex.org/W3162303083","https://openalex.org/W3165362989","https://openalex.org/W3175998072","https://openalex.org/W3177310074","https://openalex.org/W3196821158","https://openalex.org/W3208645186","https://openalex.org/W4200620631","https://openalex.org/W4206517825","https://openalex.org/W4206621993","https://openalex.org/W4206779461","https://openalex.org/W4225571424","https://openalex.org/W4283264886","https://openalex.org/W4284974058","https://openalex.org/W4308764956","https://openalex.org/W4324087505","https://openalex.org/W4391486507","https://openalex.org/W4391648307","https://openalex.org/W4393969846","https://openalex.org/W4396573393","https://openalex.org/W4400826451","https://openalex.org/W4409748981","https://openalex.org/W4409870698","https://openalex.org/W4410530229","https://openalex.org/W7077049281"],"related_works":[],"abstract_inverted_index":{"Cybersecurity":[0],"governance":[1,44,115,120],"is":[2],"increasingly":[3],"critical":[4],"in":[5,16,23,63,88],"a":[6,13,51,60,98],"digital":[7,34,130],"economy,":[8],"with":[9,55,90],"board":[10,48],"directors":[11,49],"playing":[12],"central":[14],"role":[15],"shaping":[17],"organisational":[18,91],"resilience.":[19],"Directors":[20],"are":[21],"pivotal":[22],"setting":[24],"cybersecurity":[25,41],"strategies":[26],"and":[27,43,66,71,85,109,129,142],"carrying":[28],"fiduciary":[29],"obligations":[30],"that":[31,103],"extend":[32],"to":[33,79,113,135],"risk":[35,81,127],"oversight.":[36],"This":[37,74],"study":[38,54],"examines":[39],"the":[40,122],"literacy":[42],"practices":[45],"of":[46,124],"Australian":[47],"through":[50],"qualitative":[52],"interview":[53],"13":[56],"participants.":[57],"Findings":[58],"reveal":[59],"substantial":[61],"gap":[62],"directors\u2019":[64],"knowledge":[65],"confidence,":[67],"undermining":[68],"effective":[69],"oversight":[70],"informed":[72],"decision-making.":[73],"deficit":[75],"limits":[76],"their":[77],"ability":[78],"interrogate":[80],"reports,":[82],"challenge":[83],"assumptions,":[84],"steer":[86],"investment":[87],"line":[89],"resilience":[92],"goals.":[93],"In":[94],"response,":[95],"we":[96],"propose":[97],"Board":[99],"Cyber":[100],"Governance":[101],"Model":[102],"integrates":[104],"targeted":[105],"education,":[106],"strategic":[107],"interventions,":[108],"structured":[110],"board\u2013CISO":[111],"engagement":[112],"improve":[114],"capability.":[116],"By":[117],"situating":[118],"cyber":[119],"at":[121],"intersection":[123],"executive":[125],"decision-making,":[126],"perception,":[128],"security,":[131],"this":[132],"work":[133],"contributes":[134],"human-computer":[136],"interaction":[137],"by":[138],"highlighting":[139],"socio-organisational":[140],"challenges":[141],"offering":[143],"actionable":[144],"insights":[145],"for":[146],"stronger":[147],"board-level":[148],"engagement.":[149]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2026-04-14T00:00:00"}