A Benefit Realization Approach to Cyber Security Projects in the Public Sector Organization

Munir Ahmad Saeed, Tahmina Rashid, Mohiuddin Ahmed

Research output: A Conference proceeding or a Chapter in BookChapter

Abstract

Wikki Leaks publishing nearly 10 million documents in a decade (2006-16), hacking into the former US Secretary of State and US presidential candidate Hillary Clinton’s emails, rumours of Russian interference in the US elections in 2017, news reports of hacking into computing system of Australian Parliament House and stealing of the design of yet under construction submarines for Australia, have created panic in all capitals and governments are allocating hefty budgets for consolidating defences against cyber breaches. Whereas the cyber threats are real and will increase as the developed world is fast moving towards Internet of Everything (IoE) environment. According to the findings of Telstra security Report 2019, 65 percent of Australian businesses suffered disruptions due to cyber breaches last year and 89 Percent said they had breaches which had gone unnoticed. Therefore, over 80 percent of the organizations expend about 20 percent of their IT budget on cyber security. With the cyber threats ever increasing, the private and the public sectors will implement new cyber technologies through projects. However, the rate of success in IT projects has been low and cyber security projects are expected to suffer from challenges.
There is an urgent need to apply a benefits realization approach to all projects for cyber security. Current project management approaches are output oriented but a benefits realization (BR) approach is outcomes based. Since the 80s as the project management (PM) matured as a discipline, it defined project success on successful management of scope, time and cost. But over the years, PM professionals and academics have realized that output-based PM approach is flawed, as it is only delivery based. Therefore, since a decade and a half, a new approach to PM has emerged, it is known as Benefits Realization, which focusses on the outcomes realized from the project outputs. In this chapter, the authors are proposing a similar approach to cyber security projects so that investments made into fortifying defences against cyber-attacks result in to real and realizable benefits to the governments and private businesses.
Original languageEnglish
Title of host publicationSecurity Analytics for the Internet of Everything
EditorsMohiuddin Ahmed, Abu Barakat, Al-Sakib Khan Pathan
Place of PublicationUnited Kingdom
PublisherCRC Press
Chapter5
Pages93-114
Number of pages21
ISBN (Print)9780367440923
Publication statusPublished - 2020

    Fingerprint

Cite this

Saeed, M. A., Rashid, T., & Ahmed, M. (2020). A Benefit Realization Approach to Cyber Security Projects in the Public Sector Organization. In M. Ahmed, A. Barakat, & A-S. K. Pathan (Eds.), Security Analytics for the Internet of Everything (pp. 93-114). United Kingdom: CRC Press.