How does intellectual capital align with cyber security?

DOIhttps://doi.org/10.1108/JIC-04-2019-0079
Pages621-641
Date24 September 2019
Published date24 September 2019
AuthorKaren Renaud,Basie Von Solms,Rossouw Von Solms
Subject MatterInformation & knowledge management
How does intellectual capital align
with cyber security?
Karen Renaud
Division of Cyber Security,
Abertay University, Dundee, UK and
University of South Africa, Florida, Gauteng, South Africa
Basie Von Solms
Academy for Computer Science and Software Engineering,
University of Johannesburg, Johannesburg, South Africa, and
Rossouw Von Solms
School of ICT, Nelson Mandela University, Port Elizabeth, South Africa
Abstract
Purpose The purpose of this paper is to position the preservation and protection of intellectual capital as a
cyber security concern. The paper outlines the security requirements of intellectual capital to help boards of
directors (BoDs) and executive management teams to understand their responsibilities and accountabilities in
this respect.
Design/methodology/approach The research methodology is desk research. In other words, we
gathered facts and existing research publications that helped us to define key terms, to formulate arguments
to convince BoDs of the need to secure their intellectual capital and to outline actions to be taken by BoDs
to do so.
Findings Intellectual capital, as a valuable business resource, is related to information, knowledge and
cyber security. Hence, preservation thereof is also related to cyber security governance and merits attention
from BoDs.
Research limitations/implications This paper clarifies BoDs intellectual capital governance
responsibilities, which encompass information, knowledge and cyber security governance.
Practical implications The authors hope that BoDs will benefit from the clarifications, and especially
from the positioning of intellectual capital in cyber space.
Social implications If BoDs know how to embrace their intellectual capital governance responsibilities,
this will help to ensure that such intellectual capital is preserved and secured.
Originality/value This paper extends a previous paper published by Von Solms and Von Solms, which
clarified the key terms of information and cyber security, and the governance thereof. The originality and
value is the focus on the securing of intellectual capital, a topic that has not yet received a great deal of
attention from security researchers.
Keywords Intellectual capital, Boards of directors, Intellectual capital security governance,
Executive management teams
Paper type Viewpoint
1. Introduction
Rastogi (2002) claims that an organizations intellectual capital (IC) is extremely valuable, as
valuable as any of its other assets. Dierickx and Cool (1989) argue that IC is actually the
most valuable organizational resource, giving an organization its competitive advantage.
There is evidence that IC makes up a large percentage of a companys market value (Blair
and Wallman, 2000). Organizations routinely act to protect and secure their tangible
information assets (Elson and LeClerc, 2006), so it makes sense that they should also act to
protect and secure their IC assets.
It is important for boards of directors (BoDs) and executive management teams to
understand the extent of their cyber-related responsibilities (Von Solms and Von Solms, 2018).
Journal of Intellectual Capital
Vol. 20 No. 5, 2019
pp. 621-641
© Emerald PublishingLimited
1469-1930
DOI 10.1108/JIC-04-2019-0079
Received 24 April 2019
Revised 4 June 2019
9 July 2019
Accepted 9 July 2019
The current issue and full text archive of this journal is available on Emerald Insight at:
www.emeraldinsight.com/1469-1930.htm
The authors have been listed in alphabetical order, to reflect their equal contributions to this paper.
621
Intellectual
capital align
with cyber
security
Here, we arguethat these cyber responsibilities also include the protection and securingof IC,
as a valuable, yet often intangible, asset. Consider that mostorganizations of the twenty-first
century utilize cyber space for critical business processes and relationship management, and
have become increasingly reliant on these new technologies (Goel and Sunena, 2018).
The underlying infrastructure, the internet, has very rapidly become an integral link in
modern information systems and a ubiquitous business enabler (Sukhodolov et al., 2018).
As a consequence,BoDsroles and responsibilities have changedsignificantly over the last
few decades (Flyverbom et al., 2019): they now have a mandate also to take responsibility for
cyber security governance. Yet they do not necessarily appreciate the extent of their cyber
responsibilities (Trautman, 2016). This relatively new responsibility makes BoDs and
executive management teams nervous (Sims, 2019; Abraham et al., 2019). Only a third of IT
professionals believe that board members really understand the cyber field (Bay Dynamics,
2015), probably because, despite cybers ubiquity in modern organizational usage, the core
concepts are poorly defined and understood (Ramirez and Choucri, 2016). This lack of clarity
gets in the way of organizations achieving their objectives (Althonayan and Andronache,
2018). Ina world wheredata breaches occur fartoo often, it is important forBoDs to appreciate
the full extent of their cyber-related governance responsibilities.
IC is clearly a valuable organizational asset (Bontis et al., 2000). Yet IC is also a far more
complicated and intangible concept than information (Turner et al., 2015). De Santis and
Presti (2018) [p. 361] call IC a multifaceted and heterogeneous concept.We shall
demonstrate that it has both informational and knowledge dimensions thus making the
preservation and securing thereof challenging. We will also argue that IC can be leaked via
the internet, meaning that it is necessary to explore the role of BoDs when it comes to the
intersection of IC and cyber security governance.
Von Solms and Von Solms (2018) have already written a similar treatise highlighting the
core concepts of cyber space and delineating the cyber-related remit of BoDs. Why do we
need to extend their discussion? We believe it is both helpful and valuable to consider how
IC fits in, because, in a modern knowledge-based economy (Powell and Snellman, 2004) with
hyper-connectivity via the internet, BoDs need to govern the security of all their valuable
assets, including IC.
To maximize the clarity of our discussion, we take the same approach as that taken by
Von Solms and Von Solms (2018), who argue that simple and understandable definitions of
the key terms in the cyber security space be provided and that a clear delineation of BoD
responsibilities be outlined. Here we extend their discussion to include IC security too.
We first present the underlying concepts from Von Solms and Von Solms(2018) paper in
Section 2 to ground our discussion in the foundational terms. We then turn our attention to
the concept of intellectual capital,providing a definition and positioning it within cyber
space in Sections 3 and 4. Section 5 consolidates the previous sections into a clear and
concise message for BoDs and executive management teams. We also provide a list of cyber-
related actions to be taken by boards in this respect. Section 6 concludes.
2. Information security and cyber security, what goes where? (Von Solms
and Von Solms, 2018)
Cyber security, as a topic, attracts considerable interest and attention from a wide spectrum
of stakeholders (Martin and Rice, 2011). It is growing in importance and significance, with
ever-expanding, long-term consequences and impacts (McMillan, 2019; Bianchi and Tosun,
2019). Stakeholders span the full spectrum from the ordinary citizen using online banking,
to companiesBoDs to nation states. BoDs are coming to the realization that protecting their
respective companiespresence in cyber space is a corporate governance responsibility that
cannot be delegated or neglected (Wootliff, 2019). BoDs are held accountable for the related
cyber risks in their companies, together with the associated subsequent legal implications
622
JIC
20,5

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT