Anticipation of adverse events in cybersecurity as a social process
(2025) FLMU16 20242Division of Risk Management and Societal Safety
- Abstract
- In modern society with its ever-increasing interconnectedness and digitalisation, cybersecurity becomes a prominent issue with tangible ramifications beyond the cyber space. To effectively counter attacks, organisations and their cybersecurity managers must anticipate potential adverse events.
Most public research in cybersecurity is concentrated on technology; however, some literature suggests that the highest potential for progress in the field can be in the social and collaborative factors, including understanding of managerial decision-making. This research is informed by ethnographic studies and adopts a social constructionist point of view. Based on nine qualitative interviews with cybersecurity managers, four themes were produced:... (More) - In modern society with its ever-increasing interconnectedness and digitalisation, cybersecurity becomes a prominent issue with tangible ramifications beyond the cyber space. To effectively counter attacks, organisations and their cybersecurity managers must anticipate potential adverse events.
Most public research in cybersecurity is concentrated on technology; however, some literature suggests that the highest potential for progress in the field can be in the social and collaborative factors, including understanding of managerial decision-making. This research is informed by ethnographic studies and adopts a social constructionist point of view. Based on nine qualitative interviews with cybersecurity managers, four themes were produced: construction of foresight, preparing for adverse events, collectivity of anticipation, and assurance-giving. The analysis suggests that anticipatory work is a socio-political process, which challenges the dominant narratives in cybersecurity that focus on technology and adversarial interplay. It uncovers hidden demands of cybersecurity managers’ role, requiring competencies in storytelling, political negotiation, and trust-building. The phenomenon of anticipation in cybersecurity is an ongoing collective process of meaning-making, contingent on organisational politics and power relations, and performing confidence and control in the face of ambiguity. (Less)
Please use this url to cite or link to this publication:
http://lup.lub.lu.se/student-papers/record/9213958
- author
- Belenkiy, Gennadiy LU
- supervisor
- organization
- course
- FLMU16 20242
- year
- 2025
- type
- H1 - Master's Degree (One Year)
- subject
- keywords
- Cybersecurity, prospective sensemaking, anticipation, incident, risk, FLMU06
- language
- English
- id
- 9213958
- date added to LUP
- 2025-10-16 13:30:39
- date last changed
- 2025-10-16 13:30:39
@misc{9213958, abstract = {{In modern society with its ever-increasing interconnectedness and digitalisation, cybersecurity becomes a prominent issue with tangible ramifications beyond the cyber space. To effectively counter attacks, organisations and their cybersecurity managers must anticipate potential adverse events. Most public research in cybersecurity is concentrated on technology; however, some literature suggests that the highest potential for progress in the field can be in the social and collaborative factors, including understanding of managerial decision-making. This research is informed by ethnographic studies and adopts a social constructionist point of view. Based on nine qualitative interviews with cybersecurity managers, four themes were produced: construction of foresight, preparing for adverse events, collectivity of anticipation, and assurance-giving. The analysis suggests that anticipatory work is a socio-political process, which challenges the dominant narratives in cybersecurity that focus on technology and adversarial interplay. It uncovers hidden demands of cybersecurity managers’ role, requiring competencies in storytelling, political negotiation, and trust-building. The phenomenon of anticipation in cybersecurity is an ongoing collective process of meaning-making, contingent on organisational politics and power relations, and performing confidence and control in the face of ambiguity.}}, author = {{Belenkiy, Gennadiy}}, language = {{eng}}, note = {{Student Paper}}, title = {{Anticipation of adverse events in cybersecurity as a social process}}, year = {{2025}}, }