The Tensions of Cyber-Resilience: From Sensemaking to Practice

27 Pages Posted: 20 Sep 2022

See all articles by Benoit Dupont

Benoit Dupont

University of Montreal - School of Criminology

Clifford Shearing

University of Cape Town; University of Montreal, School of Criminology; University of New South Wales; University of Toronto

Marilyne Bernier

University of Montreal

Rutger Leukfeldt

The Hague University of Applied Sciences

Abstract

The growing sophistication, frequency and severity of cyberattacks targeting all sectors highlight their inevitability and the impossibility of completely protecting the integrity of critical computer systems. In this context, cyber-resilience offers an attractive alternative to the existing cybersecurity paradigm. We define cyber-resilience as the capacity to withstand, recover from and adapt to the external shocks caused by cyber risks. This article seeks to provide a broader organizational understanding of cyber-resilience and the tensions associated with its implementation, using financial institutions as a case study. We apply Weick’s (1995) sensemaking framework to examine four foundational tensions of cyber-resilience: a definitional tension, an environmental tension, an internal tension, and a regulatory tension. We then document how these tensions are embedded in cyber-resilience practices at the preparatory, response and adaptive stages. We rely on qualitative data from a sample of 58 cybersecurity professionals in the financial sector – a particularly exposed field – to uncover these tensions and how they reverberate across cyber-resilience practices.

Keywords: cyber-resilience, risk management, cyber-risks, sensemaking, regulation, standardization

Suggested Citation

Dupont, Benoit and Shearing, Clifford D and Bernier, Marilyne and Leukfeldt, Rutger, The Tensions of Cyber-Resilience: From Sensemaking to Practice. Available at SSRN: https://ssrn.com/abstract=4224537 or http://dx.doi.org/10.2139/ssrn.4224537

Benoit Dupont (Contact Author)

University of Montreal - School of Criminology ( email )

CP 6128 Succursale Centre-ville
Montreal, QC H2P 2H4
Canada

HOME PAGE: http://www.benoitdupont.net

Clifford D Shearing

University of Cape Town ( email )

Private Bag X3
Rondebosch, Western Cape 7701
South Africa

HOME PAGE: http://www.publiclaw.uct.ac.za/pbl/staff/cshearing

University of Montreal, School of Criminology ( email )

C.P. 6128 succursale Centre-ville
Montreal, Quebec H3C 3J7
Canada

University of New South Wales ( email )

Sydney
Australia

University of Toronto ( email )

Robarts Library
130 St. George Street, Room 8001
Toronto, ON M5S 1A5
Canada
416-978-3720 Ext. 234 (Phone)
416-978-4195 (Fax)

Marilyne Bernier

University of Montreal ( email )

C.P. 6128 succursale Centre-ville
Montreal, H3C 3J7
Canada

Rutger Leukfeldt

The Hague University of Applied Sciences ( email )

Johana Westerdijkplein 75
The Hague, Zuid Holland 2521 EN
Netherlands

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
188
Abstract Views
476
Rank
274,640
PlumX Metrics