TITLE:
Cybersecurity Culture and Organizational Resilience: A Human-Centered Approach to Digital Risk Management
AUTHORS:
Shankar Subramanian Iyer, Brinitha Raji
KEYWORDS:
Cybersecurity Culture, Organizational Resilience, Human-Centered Security, Digital Risk Awareness, Cybersecurity Behaviour, Risk Management, Employee-Centric Security, IT Risk Governance
JOURNAL NAME:
American Journal of Industrial and Business Management,
Vol.15 No.5,
May
30,
2025
ABSTRACT: As organizations face an evolving threat landscape, the need for robust cybersecurity frameworks that transcend purely technical solutions becomes more pressing. This review paper introduces a conceptual model titled “Cybersecurity Culture and Organizational Resilience: A Human-Centered Approach to Digital Risk Management”, grounded in the integrated framework of Protection Motivation Theory (PMT), Theory of Planned Behaviour (TPB), Resilience Theory, Socio-Technical Systems Theory, and Organizational Culture Theory. The study highlights the importance of cultivating a cybersecurity culture and implementing human-centered practices to enhance organizational resilience against cyber threats. It explores how human behaviour, awareness, and support systems interplay with technical measures to form a comprehensive defence posture. The proposed model includes four primary hypotheses connecting cybersecurity culture, human-centered practices, digital risk behaviour, and organizational support systems to organizational resilience. Through a synthesis of theoretical perspectives and contemporary cybersecurity practices, and qualitative approach (interviewing 15 experts), the paper emphasizes a shift toward inclusive, psychologically informed, and behaviourally driven strategies in risk mitigation. This human-centered orientation addresses critical gaps in traditional cyber defences and provides insights into designing resilient organizations that are adaptive, proactive, and secure by design.