Using A Q-methodology in Demystifying Typologies for Cybersecurity Practitioners: A Case Study

The increasing number of cybersecurity breaches has forced organizations to apply specific strategies for ensuring business continuity and minimizing business risks. The complex socio-organizational dynamics in organizations influence the adoption of cybersecurity measures. This has created difficulties to align the implementation of cybersecurity measures with cybersecurity compliance. This study constructs a typology of cybersecurity practitioners in public organizations based on their perception of cybersecurity measures using a Q-methodology. Based on the analysis of the collected data from 14 participants in different organizations, the study reveals three distinctive typologies of cybersecurity practitioners. Such proposed typologies can be used for developing cybersecurity mitigation strategies and understanding the prioritization of cybersecurity measures for their implementation.