Cybersecurity Best Practices and Cultural Change in Global Business: Some Perspectives from the European Union

Cybersecurity Best Practices and Cultural Change in Global Business: Some Perspectives from the European Union

José Manuel Saiz-Alvarez (Tecnológico de Monterrey, Mexico) and Guillermo Calleja Leal (Royal Academy of History, Spain)
DOI: 10.4018/978-1-5225-0629-4.ch003


This chapter discusses how the adoption of best practices to increase cybersecurity in business affects the cultural value of the company. Primarily focused on the European Union, the chapter defines and analyzes both the impact of cyber security on the global business conducted in the European Union, and its relation to cloud computing. A brief analysis of the ISO27000 family of standards is made, to finally analyze the relationship between cybersecurity, cultural change and best practices in IT-based business. Businesses are facing now the Third Industrial Revolution characterized by real-time communications through Information and Communication Technologies, where fighting against cybercrime is essential to have safer and more reliable IT-based systems, given the negative effects emanated from cyber insecurity.
Chapter Preview


Modern corporations, and especially transnationals, must have a long-term vision to reduce, and ideally to eliminate, commercial and financial risks associated with their daily commercial or services operations. As a vital part of this vision is to fulfill an internationally-oriented efficient management to foster business expansion beyond domestic borders. A basic requirement for business success is rooted on the cultural adaptation to new environments (Militaru & Zanfir, 2014), where Information and Communication Technologies (hereinafter, ICTs), human resources formation, and working experience are vital to be rapidly adapted in international environments, and consequently, for being competitive in a hostile “glocalized” business world.

According to the three-step Model of Change defined by unfreezing human resources’ minds to prepare them for change, changing, and refreezing to reinforce changes made (Lewin, 1947), all organizations entails creating the perception and necessity that a change is needed, and after having changed, the organization solidifies it as the new norm. Changes are being made for cultural adaptation. When this process of cultural adaptation is reached, firms can strengthen their competitive position in the market. But, domestic companies are no longer the building block of modern economies, as they have been replaced by networks and groups, forming holdings situated in different regions of the world. In this internationally-based context, it is mandatory to develop supporting systems for network enterprises to have data at disposal for all stakeholders, and especially for clients and professionals working in the organization. As a result, customer service and ICTs play a key role in the Enterprise Information System (EIS) where data, knowledge and strategy are linked (Chung & Lee, 2006). In this sense, Dolan, García, Diegoli & Auerbach (2003) view organizations in terms of “complexity theory,” as they define modern corporations as cultures of organized chaos. This organized chaos is born from the combination of endogenous and exogenous reasons. Endogenous variables (personnel, trade unions, stakeholders, etc.) are easier and faster to manage, while satisfying customer’s demands. Moreover, exogenous reasons (mainly formed by unanticipated demand and supply shocks) are more difficult to manage, so firms must be very aware and active if they want to survive in a hostile and global business world. On the boundary of chaos is where the greatest creativity occurs, reinforced with the capacity for being self-organized, an aspect of particular importance, mainly for transnationals.

Another classical model of organizational change is Kotter’s Eight-step Change Model formed by the following steps: [1] establish a sense of urgency, in the sense of fighting complacency; [2] create the guiding coalition composed by influential leaders and effective managers; [3] develop an inspiring vision and a strategy; [4] communicate the change vision; [5] empower broad-based action to employees given them how to best make the vision a reality; [6] generate short-term wins; [7] consolidate gains to produce more change, and [8] anchor change in the organization's culture. As Kotter (2012, p. IX) says: “Modern trends demand more agility and change-friendly organizations; more leadership from more people, and not just top management; more strategic sophistication; and, most basically, a much greater capacity to execute bold strategic initiatives rapidly while minimizing the number of [factors] that slow firms down”. If firms want to survive in a hostile business world, they must be alert to change when necessary.

A third classical theory of behavioral science applied to business is the Nudge theory developed by Thaler & Sunstein (2008) which argues that positive reinforcement and indirect suggestions influence people’s motives and incentives. This situation is especially important in Internet, as it is full of messages and ideas only focused on buying certain goods and services. ICTs have accelerated social change, especially when values and ideas are directed towards social and cultural changes.

Complete Chapter List

Search this Book: