Project Management: Changing

the way Cyber Security works in an organization



By Bhavyatta Bhardwaj





Cyber security forums and practices are at their peak with digital transformation of organizations all around the world. To address the issue of security, several models and frameworks have been developed and several practices have been introduced. These ideas need to be customised based on the business needs of the organization. A project management approach for cyber security is more comprehensive and effective for implementation of these practices. Unfortunately, the IT specialists and security gurus are not the only ones who log into the networks. A project manager can help the cyber security team to run projects smoothly within budget, and on time for completion, while ensuring security of the network and data. There can be a variety of recurring tasks or a major one-time task along with short-term and long-term priorities. A project manager can help run these responsibilities smoothly along with day-to-day functions of the team.

Keywords: cyber security, streamlined execution, strategic alignment, continuous improvement, business continuity, asset management, framework, models, practices, training


According to John Chambers, Executive Chairman of Cisco System, “At least 40% of all businesses will die in the next 10 year, if they don’t figure out how to change their entire company to accommodate new technologies” [19] This is the truth of digital transformation. Information Technology (IT) has become widespread across every industry and is a backbone to business operations. Michelle Pruitt (Program Analyst at U.S. Department of Veterans Affairs) stated that project-based firms usually depend on system developers and project managers to ensure the security aspects of concerned projects. For a company to call itself a digital enterprise, it must implement profound changes such as making large investments in the latest technologies adopting new business models, modify existing models, using change management to train the organization for digitization, thereby attaining business continuity. Without considering security one may not consider an IT project as complete. A company should consider enhancing their IT infrastructure to improve its security posture and ensure reliable business operations. This paper explains how a project manager can help achieve these results for the company and describes a framework to clarify communication between the security team and development team. According to SysAdmin, Audit, Network and Security (SANS) Institute, security should be an input in communication planning [7] This paper will also explain how project management can help streamline security and compliance. As of 2017, 31% of organizations have experienced cyber attacks on operational technology infrastructure, according to Cisco [19] and cyber security venture projects damages related to cybercrime to hit $6 trillion annually by 2021 [19] Therefore, the main point of distinction for the success or failure of an IT project is the adoption of best security practices.


According to IT governance, cyber security involves technologies, processes and controls designed to protect systems, network and data from cyber attacks. [18] A digital environment may also face major external threats unrelated to cyber environment, such as natural hazards, civil strife or terrorism. Any of these attacks may directly or indirectly impact an organization. Cyber security infrastructure includes devices and components to secure the digital environment and facilitate secure communication both within and outside of the organization. Organizations must ensure the digital security of assets that make it easy to control and overcome any cyber security issues to ensure that the organization is digitally secured.

In addition to securing the infrastructure, a company must also consider the specific security profile of the industry in which it operates. Upon the successful implementation and testing of a new and improved security profile, an organization may gain greater confidence in the level of protection it provides for its information assets [1]. Some of the factors that are likely to shift in the information security environment are [4]:



To read entire paper, click here


Editor’s note: Second Editions are previously published papers that have continued relevance in today’s project management world, or which were originally published in conference proceedings or in a language other than English.  Original publication acknowledged; authors retain copyright.  This paper was originally presented at the 13th Annual UT Dallas Project Management Symposium in May 2019.  It is republished here with the permission of the author and conference organizers.

How to cite this paper: Bhardwaj, B. (2019). Project Management: Changing the way Cyber Security works in an organization; presented at the 13th Annual UT Dallas Project Management Symposium, Richardson, Texas, USA in May 2019; published in the PM World Journal, Vol. VIII, Issue IX, October. Available online at https://pmworldlibrary.net/wp-content/uploads/2019/10/pmwj86-Oct2019-Bhardwaj-changing-the-way-cyber-security-works.pdf



About the Author

Bhavyatta Bhardwaj





Bhavyatta Bhardwaj is an early professional from Atlantic Canada with interest in Project management practices and cyber security. Previously with Bell Canada, she is now an IT consultant currently working for a utilities client. She has a Bachelor’s degree in IT from Uttar Pradesh Technical University in India and Master’s in Computer Science from University of New Brunswick in Canada. Bhavyatta specializes in optimal solution delivery for software development, implementation methodologies and frameworks, and IT operations management. She can be contacted at bhavyatta@gmail.com