Full Text Available
Note: Clicking the button above will open the full text document at the original institutional repository in a new window.
Stakeholders' perspectives on factors influencing the operationalisation of cyber resilience – A financial services case study
Background: Cyber resilience provides organisations with the ability to continuously deliver business services during an adverse cyber event. However, due to the multidisciplinary and diverse operational requirements needed for cyber resilience, the operationalisation of such a concept can introduce...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Thesis |
| Language: | Eng |
| Published: |
Department of Information Systems
2025
|
| Subjects: | |
| Tags: |
No Tags, Be the first to tag this record!
|
| _version_ | 1867613160971698176 |
|---|---|
| access_status_str | Open Access |
| author | Adams, Asterico Benjamin |
| author2 | Chigona, Wallace |
| author_browse | Adams, Asterico Benjamin Chigona, Wallace |
| author_facet | Chigona, Wallace Adams, Asterico Benjamin |
| author_sort | Adams, Asterico Benjamin |
| collection | Thesis |
| description | Background: Cyber resilience provides organisations with the ability to continuously deliver business services during an adverse cyber event. However, due to the multidisciplinary and diverse operational requirements needed for cyber resilience, the operationalisation of such a concept can introduce layers of complexity within an organisation where operationalisation is dependent on multiple stakeholders. It is therefore imperative to understand stakeholder perspectives and how it contributes to successful cyber resilience operationalisation. Purpose of the research: The objective of the study is to identify the factors that influence cyber resilience operationalisation from a stakeholder perspective and to explain how these factors impact the operationalisation of cyber resilience within an organisation. Design/Methodology/Approach: The study employed qualitative methods and was guided by Linkov and Kott's cyber resilience matrix framework which breaks down cyber resilience to various phases, presented as a continuum: plan, absorb, recovery and adapt. A financial services organisation in the Western Cape was used as the case study and purposive sampling was used to identify and interview stakeholders within the financial services organisation and gain insight into their perspectives regarding cyber resilience. Findings: The study underlined the influence of risk appetite and business requirements as factors in the plan phase, while the importance of data protection and adequacy of resilient system testing emerged as factors that influence the absorb phase. The impact of recovery time on business operations and data integrity were highlighted as key factors during the recovery phase. The impact of artificial intelligence, post incident review discussions and training and awareness were highlighted by stakeholders as important factors during the adapt phase. Overall, the findings show that these factors had an impact on the organisational priorities, resource availability, internal and external organisational considerations and on the need for continuous improvement of cyber resilience processes within the organisation. Practical implications: The findings of this study highlight how these identified factors impact operationalisation considerations from a stakeholder perspective and how these considerations impact the cyber resilience readiness of the organisation. Originality/Contribution: This study contributes to the research on the factors that play a role in cyber resilience operationalisation from a stakeholder perspective within a South African organisation and provides empirical evidence of how these factors impact the phases of cyber resilience. The outcome of this study can be used as a comparison against other industries. |
| format | Thesis |
| id | oai:open.uct.ac.za:11427/41459 |
| institution | University of Cape Town (South Africa) |
| language | Eng |
| last_indexed | 2026-06-10T12:31:43.046Z |
| license_str | Not specified — see source repository |
| provenance_str_mv | Harvested via OAI-PMH from UCTD — University of Cape Town Open Access Repository |
| publishDate | 2025 |
| publishDateRange | 2025 |
| publishDateSort | 2025 |
| publisher | Department of Information Systems |
| publisherStr | Department of Information Systems |
| record_format | dspace |
| source_str | UCTD — University of Cape Town Open Access Repository |
| spelling | oai:open.uct.ac.za:11427/41459 Stakeholders' perspectives on factors influencing the operationalisation of cyber resilience – A financial services case study Adams, Asterico Benjamin Chigona, Wallace Sowon Karen Information Systems Background: Cyber resilience provides organisations with the ability to continuously deliver business services during an adverse cyber event. However, due to the multidisciplinary and diverse operational requirements needed for cyber resilience, the operationalisation of such a concept can introduce layers of complexity within an organisation where operationalisation is dependent on multiple stakeholders. It is therefore imperative to understand stakeholder perspectives and how it contributes to successful cyber resilience operationalisation. Purpose of the research: The objective of the study is to identify the factors that influence cyber resilience operationalisation from a stakeholder perspective and to explain how these factors impact the operationalisation of cyber resilience within an organisation. Design/Methodology/Approach: The study employed qualitative methods and was guided by Linkov and Kott's cyber resilience matrix framework which breaks down cyber resilience to various phases, presented as a continuum: plan, absorb, recovery and adapt. A financial services organisation in the Western Cape was used as the case study and purposive sampling was used to identify and interview stakeholders within the financial services organisation and gain insight into their perspectives regarding cyber resilience. Findings: The study underlined the influence of risk appetite and business requirements as factors in the plan phase, while the importance of data protection and adequacy of resilient system testing emerged as factors that influence the absorb phase. The impact of recovery time on business operations and data integrity were highlighted as key factors during the recovery phase. The impact of artificial intelligence, post incident review discussions and training and awareness were highlighted by stakeholders as important factors during the adapt phase. Overall, the findings show that these factors had an impact on the organisational priorities, resource availability, internal and external organisational considerations and on the need for continuous improvement of cyber resilience processes within the organisation. Practical implications: The findings of this study highlight how these identified factors impact operationalisation considerations from a stakeholder perspective and how these considerations impact the cyber resilience readiness of the organisation. Originality/Contribution: This study contributes to the research on the factors that play a role in cyber resilience operationalisation from a stakeholder perspective within a South African organisation and provides empirical evidence of how these factors impact the phases of cyber resilience. The outcome of this study can be used as a comparison against other industries. 2025-06-20T08:31:56Z 2025-06-20T08:31:56Z 2025 2025-06-20T08:31:10Z Thesis / Dissertation Masters MCom http://hdl.handle.net/11427/41459 Eng application/pdf Department of Information Systems Faculty of Commerce University of Cape town |
| spellingShingle | Information Systems Adams, Asterico Benjamin Stakeholders' perspectives on factors influencing the operationalisation of cyber resilience – A financial services case study |
| thesis_degree_str | Master's |
| title | Stakeholders' perspectives on factors influencing the operationalisation of cyber resilience – A financial services case study |
| title_full | Stakeholders' perspectives on factors influencing the operationalisation of cyber resilience – A financial services case study |
| title_fullStr | Stakeholders' perspectives on factors influencing the operationalisation of cyber resilience – A financial services case study |
| title_full_unstemmed | Stakeholders' perspectives on factors influencing the operationalisation of cyber resilience – A financial services case study |
| title_short | Stakeholders' perspectives on factors influencing the operationalisation of cyber resilience – A financial services case study |
| title_sort | stakeholders perspectives on factors influencing the operationalisation of cyber resilience a financial services case study |
| topic | Information Systems |
| url | http://hdl.handle.net/11427/41459 |
| work_keys_str_mv | AT adamsastericobenjamin stakeholdersperspectivesonfactorsinfluencingtheoperationalisationofcyberresilienceafinancialservicescasestudy |