Strategies for Implementing Cybersecurity Policies

Some cybersecurity leaders have not enforced cybersecurity policies in their organizations. The lack of employee cybersecurity policy compliance is a significant threat in organizations because it leads to security risks and breaches. The enforcement of cybersecurity policies is important in securing the information systems of organizations. Grounded in the theory of planned behavior, the purpose of this qualitative multiple case study was to explore strategies used by cybersecurity leaders to enforce cybersecurity policies in an organization. The cybersecurity leaders included information system security officers, cybersecurity managers, and chief information security officers (CISOs). The study population of the study was cybersecurity leaders associated with the enforcement of cybersecurity policies in some large organizations located in the southwest and northcentral Nigeria. The implication for positive social change lies in the potential to improve the confidentiality of data, reduction in the occurrence of breaches, enhanced integrity of personal information, continuous availability of services, and the safety of life through improved cybersecurity compliance and awareness.