Security First, Security by Design, or Security Pragmatism – Strategic Roles of IT Security in Digitalization Projects

Although digital transformation is geared to achieving strategic goals such as efficiency or competitive advantages, it involves digital threats. IT security is an overarching task for managers and specialists that currently receives little attention in digitalization projects. Therefore, the strategic potential of IT security mostly remains untapped due to a lack of appropriate decision-making and communication tools that support project managers to address IT security consciously. This work tackles this issue by introducing a method to strategically consider IT security in digitalization projects using a design science approach. As a result, three strategic variants of IT security in digitalization projects and their underlying drivers were identified. By consolidating this knowledge into an applicable artifact, this work helps explain existing action patterns in organizations. Moreover, it provides a managerial tool to evaluate and decide on appropriate IT security for digitalization projects.