Meseret Assefa Adamu

PhD Candidate at the University of Agder

Meseret Assefa Adamu is a Ph.D. research fellow in Cybersecurity culture at the Department of Information Systems, University of Agder, Norway. He obtained his BSc degree in Information Science from Jimma University, Ethiopia, and his MSc degree in Information Science from Addis Ababa University, School of Information Science, Addis Ababa, Ethiopia. Prior to his current position, he taught most IT and IS courses at the university and college levels, participated in different thematic research projects, and conducted problem-solving research projects in the area of Information Science and Systems.

Tell us about your project!

The cyber threat landscape has grown more complex than ever as organizations rapidly transform, rely on emerging digital technologies, and expand their networks. With the work patterns constantly shifting, organizations are more vulnerable to increasingly sophisticated cyberattacks and there are more things to protect than ever before. The rapidly changing nature of cyber risk means organizations need to continually update security measures and adopt a comprehensive approach to protect against increasing cyber threats. Relying on advanced technological security measures is not enough. Beyond technical measures, they must prioritize non-technical interventions to foster a desired cybersecurity culture. Fostering a desired CSC amid RDT is challenging because of the temporal disparity between the RDT and the process of shaping cybersecurity practices, principles, and mindset of employees in an organization. The disparity arises because RDT requires a swift implementation time, whereas fostering a desired CSC is a gradual process requiring continuous effort. Unless effectively managed, the rapidity of the transformation and the gradual process of fostering a desired CSC creates vulnerabilities that can be potentially exploited in cyberattacks. The impact of the temporal disparity on cybersecurity has not been adequately addressed by previous literature. Therefore, in this study, we empirically investigate this problem by exploring the non-technical cybersecurity initiatives implemented in an Ethiopian bank undergoing a five-year digital transformation process. We answer the following research question: How does the temporal disparity between rapid digital transformation and cultural change impact cybersecurity in organizations? We contribute to research and practice by developing a CSC framework that incorporates a multi-layered temporality dimension into Schein's organizational culture model.

“ With the work patterns constantly shifting, organizations are more vulnerable to increasingly sophisticated cyberattacks and there are more things to protect than ever before”

— Meseret Assefa Adamu on his research project “Fostering Cybersecurity Culture Amid Rapid Digital Transformation: The Case of Ethiopian Financial Institutions”