{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T23:11:37Z","timestamp":1780355497048,"version":"3.54.1"},"reference-count":9,"publisher":"Emerald","issue":"1","license":[{"start":{"date-parts":[[2018,3,12]],"date-time":"2018-03-12T00:00:00Z","timestamp":1520812800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ICS"],"published-print":{"date-parts":[[2018,3,12]]},"abstract":"<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Purpose<\/jats:title>\n<jats:p>The purpose of this paper is to define cybersecurity and cybersecurity governance in simplified terms \u2013 to explain to the boards of directors and executive management their responsibilities and accountabilities in this regard.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Design\/methodology\/approach<\/jats:title>\n<jats:p>The primary research methodology utilized in this paper is desk research. A literature study is followed by some discussion in terms of the contribution made.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Findings<\/jats:title>\n<jats:p>Clearly define the relationship between cybersecurity and information security, especially from a governance perspective.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Research limitations\/implications<\/jats:title>\n<jats:p>The paper is based predominantly on an ISO standard.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Originality\/value<\/jats:title>\n<jats:p>The simplification of terminology to be used in the governance of cybersecurity, together with assistance to the guiding of boards of directors regarding their duties and responsibilities as far as cybersecurity is concerned.<\/jats:p>\n<\/jats:sec>","DOI":"10.1108\/ics-04-2017-0025","type":"journal-article","created":{"date-parts":[[2018,1,29]],"date-time":"2018-01-29T19:25:36Z","timestamp":1517253936000},"page":"2-9","source":"Crossref","is-referenced-by-count":106,"title":["Cybersecurity and information security \u2013 what goes where?"],"prefix":"10.1108","volume":"26","author":[{"given":"Basie","family":"von Solms","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Rossouw","family":"von Solms","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"140","reference":[{"key":"key2020093005185484800_ref001","unstructured":"ENISA (2016), \u201cDefinition of cybersecurity \u2013 gaps and overlaps in standardization\u201d, available at: www.enisa.europa.eu\/publications\/definition-of-cybersecurity (accessed 3 September 2016)."},{"key":"key2020093005185484800_ref002","unstructured":"Eva Ignatuschtschenko (2016), \u201cDeveloping a Cyber harm model\u201d, available at: www.sbs.ox.ac.uk\/cybersecurity-capacity\/system\/files\/EIgnatuschtschenko_GCSCC_presentation_160112_0.pdf (accessed 3 September 2016)."},{"key":"key2020093005185484800_ref003","unstructured":"ISACA (2016), \u201cISACA CSx Cybersecurity fundamentals\u201d, available at: www.sbs.ox.ac.uk\/cybersecurity-capacity\/system\/files\/EIgnatuschtschenko_GCSCC_presentation_160112_0.pdf (accessed 3 September 2016)."},{"key":"key2020093005185484800_ref004","author":"ISO","year":"2012"},{"key":"key2020093005185484800_ref005","author":"ISO\/IEC 27014","year":"2013"},{"key":"key2020093005185484800_ref006","doi-asserted-by":"crossref","first-page":"803","DOI":"10.1016\/j.cose.2011.07.003","article-title":"Cybercrime: understanding and addressing the concerns of stakeholders","volume":"30","year":"2011","journal-title":"Computers & Security"},{"key":"key2020093005185484800_ref007","unstructured":"NICE (2016), \u201cNational initiative for Cybersecurity education\u201d, available at: http:\/\/csrc.nist.gov\/nice\/ (accessed 3 September 2016)."},{"key":"key2020093005185484800_ref008","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1016\/j.cose.2013.04.004","article-title":"From information security to cyber security","volume":"38","year":"2013","journal-title":"Computers & Security"},{"key":"key2020093005185484800_ref009","unstructured":"SIFA (2016), \u201cSkills framework for the information age\u201d, available at: www.sfia-online.org\/en\/reference-guide (accessed 3 September 2016)."}],"container-title":["Information &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-04-2017-0025\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-04-2017-0025\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:22:50Z","timestamp":1753406570000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/26\/1\/2-9\/199489"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,3,12]]},"references-count":9,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2018,3,12]]}},"alternative-id":["10.1108\/ICS-04-2017-0025"],"URL":"https:\/\/doi.org\/10.1108\/ics-04-2017-0025","relation":{},"ISSN":["2056-4961"],"issn-type":[{"value":"2056-4961","type":"print"}],"subject":[],"published":{"date-parts":[[2018,3,12]]}}}