Cybersecurity threats and incidents have a major impact on the management of organizations, affecting all hierarchical levels and requiring consideration in strategic and operational decisions. Senior managers, who are legally responsible in certain contexts, must guarantee cybersecurity and business continuity capabilities. Strand 2 responds to these imperatives, in line with Quebec government policies on digital transformation and AI integration. The work of Stream 2 also supports other government initiatives, such as L’Offensive de transformation numérique (OTN). Research advances will reinforce the government’s cybersecurity policy.

Organizations need to develop a resilient enterprise architecture, ensuring controlled risk management, secure transactions and a trusted environment for employees. Any IT innovation project for cybersecurity must integrate societal dimensions.

Business Technology Management (BTM) addresses this issue by integrating the concerns of the entire digital organization, placing cybersecurity at the heart of decision-making. The “Cybersecurity and Organizations” team’s research aims to deepen understanding of cybersecurity and organizations, and facilitate knowledge transfer.

The research axes focus on the different roles in and around organizations: leaders, employees, consumers, entrepreneurs and citizens. Each axis is led by experienced researchers capable of integrating ATM disciplines and interfacing with IT. Invited partners include some of the country’s largest and most innovative organizations.

This research program is organized into five axes, each focusing on a specific aspect of the interactions between people and organizations in the context of cybersecurity. The research questions address both scientific and practical issues, with a multidisciplinary team boasting extensive experience and an extensive network of collaborations. The partner organizations will be among the largest and most innovative in the country.

Focus 1: Leaders and governance

Executives and senior managers play an essential role in establishing a culture of cybersecurity within an organization. They must ensure that cybersecurity is a strategic priority and that the necessary resources are allocated for risk management. They must also be responsible for implementing a cybersecurity governance framework that defines cybersecurity roles and responsibilities within the organization.

Area 2: Employees and skills

Employees are the first line of defense against cyber attacks. It is therefore essential to make employees aware of cybersecurity risks and provide them with the skills they need to identify and report cyberthreats. Organizations should also set up cybersecurity training programs to ensure that employees are up to date on the latest threats and attack techniques.

3: Consumers and trust

Consumer confidence is essential to the success of online businesses. Consumers need to be confident that their personal data is protected when they conduct transactions online. Organizations need to put in place adequate security measures to protect consumer data and ensure a safe e-commerce environment.

Area 4: Entrepreneurs and innovation

Entrepreneurs and innovators are playing an increasingly important role in cybersecurity. They are developing new technologies and security solutions to help organizations protect their IT systems and data.

Area 5: Citizens and communications

Cybersecurity is a shared responsibility. Citizens also have a role to play in protecting themselves against cyber attacks. They need to be informed about cybersecurity risks and adopt safe online practices.