This paper adopts a big data analytics-enabled (BDET) approach to the resource-based view (RBV) of the firm and seeks to establish boundary conditions for the value of certain information technology (IT) capabilities. RBV is concerned with identifying the resources and capabilities that enable a firm to attain and maintain the superior performance that cannot be easily duplicated by competitors (e.g. [36]). Studies that examine the adoption of RBV as a framework to investigate the contributions of IT resources typically demonstrate positive outcomes relating to a firm’s competitive advantage. For instance, Gupta and George [37] noted that RBV is based on the premise that firms can achieve a competitive advantage and improve organizational internal efficiency by combining IT resources with their other internal capabilities.
To explore the association between big data analytics and other IT capabilities, I first refine the conceptualization and measurement of knowledge management capability as a latent construct reflected in its three dimensions: acquisition, conversion, application, and security. In addition to the KM capabilities, the model leverages the National Institute of Standards and Technology (NIST) cybersecurity framework to conceptualize two types of cyber agility: pre-incidence and post-incidence agility. Last, the model examines the association among BDA capabilities, KM enablers, and two goals of effective firm cybersecurity—(1) improvement of cyber threat detection, and (2) reduction of business impacts from cyberattacks.
Explanatory variables: big data analytics capabilities
The first step in this model is to define the explanatory variable used in BDET methodology [23, 25, 37]. In line with the previous studies, I utilize big data analytics as the explanatory variable to examine the impact of its functionalities on firm performance. BDA has been described as a collection of aggregation, analytics, and interpretation techniques that transform data into mechanisms useful in decision making [38]. For this model, I examine two important dimensions of BDA: its architectural components and technological capabilities.
The limited literature in big data analytics has documented the three main architectural components of big data analytics: (1) data aggregation, (2) data analysis, and (3) data interpretation [23]. The first component is data aggregation. Ward et al. [39] described data aggregation of big data analytics as the tool to collect disparate data from multiple sources, both internal and external to the organization, and transform them into a format that is easier to read and analyze. Data aggregation is made up of three components: acquisition, transformation, and storage [40].
Data analysis is the second architectural component of big data analytics. This functionality is used to process and perform analyses on data from disparate sources to discover information useful for decision making [39]. To better understand the data analysis functionality of big data analytics, Delen [41] identified and documented the three components of data analysis: descriptive, predictive, and prescriptive analytics. Each element is differentiated by the type of data processed and the purpose of the analysis.
The third architectural component of big data analytics is data interpretation. This component generates outputs such as reports and visual representations (charts, dashboards, etc.) leveraged by organizations in the decision-making process. In particular, the data interpretation layer of big data analytics has been used to produce real-time reports, critical business operation alerts, proactive notifications, and operational key performance indicators (KPIs) [40].
Elements of big data analytics capability
The second dimension of big data analytics examined in the extant literature is its technological capabilities. Gupta and George [37] documented four types of big data analytics capability: analytical capability, decision support capability, traceability, and predictive capability. These capabilities allow big data analytics to process large data volumes in parallel and to visualize data on a real-time or near-real-time basis. It is these capabilities that differentiate big data functionalities from traditional business intelligence systems. The first big data analytics capability is analytical, which enables organizations to improve process efficiency and deliver business value that might have been previously difficult or impossible to discover [38].
With its decision support capability, big data analytics provides critical information such as historical reports, statistical analyses, time series comparison, and executive summaries to managers and executives to facilitate better decision making [42]. The third capability is predictive, which is used to enhance models employed for forecasting and planning, and to predict future market trends and business opportunities. The last big data analytics capability is traceability. This capability allows organizations to track critical data from diverse IT systems such as transactional and business intelligence applications. Taken together, BDA provides organizations with the ability to discover undetected correlations, patterns, and trends between specific variables of interest across multiple dimensions.
IT-enabled transformation resources
In this section, I examine the role of IT-enabled transformation resources in the model. IT-enabled transformation resources are defined as organizational capabilities that leverage BDA functionalities to improve operational performance. In this model, knowledge management and cyber agility are considered the intermediate IT capabilities. The first organizational capability is Knowledge Management (KM). This paper focuses on three KM elements that are pivotal for KM to deliver business value—acquisition, conversion, and application. Also, to enhance our understanding of organizational agility, I examine the effects of BDA on the two forms of cyber agility—pre-cyber incidence and post-cyber incidence agility.
Outcomes
To conceptualize the ultimate outcomes or the business value of the model, I utilize a two-dimensional view of cyber capabilities—to improve cyber threat detection and to reduce the business impacts of cyberattacks. In line with the literature, I regard improved cybersecurity capabilities as the extent to which a firm effectively leverages its cyber capabilities to ensure better protection for valuable information assets. I propose that big data analytics can be leveraged to improve the two dimensions of cyber agility; thereby, it serves as the critical link between knowledge management enablers and business value. Big data analytics does this by enhancing the three processes of KM—acquisition, conversion, and application. It also improves the two types of cyber agility. This premise is aligned with that of Goldman et al. [14] and Volberda [43], who suggested that, for an organization to achieve improved agility, including agility in cyber protection, it requires the capabilities to process, on a timely basis, a large volume and variety of distributed information that is both internal and external to the organization. Taken together, this model proposes that big data analytics is an essential IT resource capable of improving knowledge management enablers, ultimately accelerating cyber agility and contributing to improvements in the protection of a firm’s assets from cyber thefts.
As shown in Fig. 1, the research model adopted in this study follows a linear progress path that begins from the explanatory variables to practices, then moves on to the intermediate outcomes (knowledge management and cyber agility, which are considered “benefits”), and finally demonstrates examples of improved protection for a firm’s valuable assets (“business value” in the model).
Hypothesis development
Big data analytics and knowledge management
Organizations have long recognized Information Technology (IT) as an enabler of superior firm performance. To leverage these capabilities, therefore, most large organizations have invested considerably in IT solutions, especially in building knowledge management infrastructures. While these firms typically have been able to leverage their KM capabilities in terms of accumulating a massive amount of data, many of them have been unable to effectively utilize their collection of information assets to derive desired business benefits. In response to the perceived limitations of current knowledge management, many firms have launched big data analytics initiatives to leverage their information assets to achieve competitive sustainability.
Using different types of analytic tools such as data visualization, natural language processing, data mining, and statistical analysis, big data analytics enables a firm to obtain new critical information about its competition and broader economic environment from the existing data repository [4]. In particular, big data analytics allows a firm to find new knowledge that is either internal or external to the firm, to effectively track sources of knowledge, and to create a catalog of internal organizational knowledge. Also, big data analytics capabilities enable an organization to use its existing knowledge more effectively to track and respond to demands from customers and protect valuable information. Cao et al. [38] noted that BDA is an essential IT resource that allows an organization to improve the organizational capability to create, transfer, and store knowledge from diverse sources. Therefore, I hypothesize that:
H1
BDA enhances three elements of knowledge management in organizations—acquisition, conversion, and application processes.
Big data analytics and cyber agility
A large stream of literature has asserted that IT can enable agility by speeding up decision making, facilitating communication, and responding quickly to changing conditions [44]. In this study, I extend the literature to examine how BDA enhances organizational cyber agility, which in turn contributes to effectively protecting critical information assets from cyberattacks.
The frequency, intensity, impact, and sophistication of cyberattacks continue to grow. At the same time, the actual time to detect and respond to threats is increasing [1]. To effectively address these issues, it has become imperative for organizations to deploy IT solutions that could help to improve cyber response capabilities. Cyber agility is important because cyberattacks are notoriously quick to carry out, and the devastating operational and financial consequences are noticeable in a matter of minutes. For instance, Schiavone et al. [45] documented that 75% of organizations that had experienced cyberattacks reported that their network infrastructures and systems were compromised in minutes from an attack to data exfiltration, regardless of the size and maturity of the organization or the amount of money invested in information security.
Gupta and George [37] confirmed this assertion in their studies, in which they argued that traditional knowledge management tools are too slow and inefficient to allow organizations to respond adequately and on time to cyber incidences. They therefore suggested big data analytic solutions to provide the information that supports organizations’ agility capabilities and helps shorten the amount of time and effort required to respond to and contain cyberattacks.
Big data analytics provides an integrated platform that enforces standardization and integration of data and processes that are essential to enhance cyber agility. Also, the integration capability of BDA allows organizations to gather and share information in a timely manner. It also provides access to real-time, consistent, and comprehensive security information, which is essential for fast, efficient decision making [37]. The real-time access to pertinent information about the changing threat landscape allows organizations to respond rapidly to cyber incidences, which invariably contributes to the improvement of cyber agility. Further, Eastman et al. [1] argued that through the use of cyber analytics, organizations can predict unusual cyber activities including the ability to detect active insider and external threats. Taken together, big data not only ensures the processing of detailed data but also integrates diverse data types, delivered at various speeds and frequencies, all of which are essential to improve cyber agility [16]. Therefore, I hypothesize that:
H2
BDA has a positive impact on cyber agility.
Big data analytics and cybersecurity
The increased number of attack vectors and threat actors has resulted in exponential growth in the level of cybersecurity complexity for organizations of various sizes. While organizations have a wealth of existing or easy-to-access data that could support improved security, they lack the advanced analytic capability to analyze and effectively utilize these assets. In other words, current cybersecurity solutions are limited because of their general inability to efficiently analyze all data assets. Specifically, organizations are realizing that the traditional dump-and-analyze methodology has proven to be ineffective because it lacks the capability to store and analyze the needed data history in a timely fashion. Therefore, a new capability is required to leverage and evaluate data in a way that enhances cybersecurity technologies. Big data analytics offers the functionalities to assist organizations in achieving greater threat identification and remediation processes that are essential to mitigate cyber risks.
With big data analytics, organizations have the ability to store, process, and analyze massive cybersecurity data sets relatively cheaply and quickly. A whole new area of opportunity has been unlocked in advanced analytics to enable business insights and improved decision making. In particular, advanced analytics techniques such as data/text mining, machine learning, and pattern matching enhance diagnosis and prediction and automate the data analysis needed to generate insights and answer complex security questions. Invariably, big data analytics provides better visibility into network activity and tools to proactively detect malicious behavior before a breach occurs. Therefore, I hypothesize that:
H3
Big data analytics is positively associated with superior cyber protection.