<![CDATA[Background: The rapid digitalization of critical infrastructure has increased exposure to cyber threats. While research on cybersecurity governance is growing, the mechanisms linking behavioral cybersecurity culture to sustained resilience, particularly in high-availability digital infrastructure like data centers, are underexplored. This study addresses this gap by exploring how Digital Risk Culture (DRC) drives Sustainable Cybersecurity Transformation (SCT) and generates Cyber Resilience Advantage (CRA), with Organizational Risk Response Habit (ORRH) as a boundary condition. Objective: The study investigates how DRC impacts CRA through SCT and examines the moderating role of ORRH. It uses Resource Advantage Theory to conceptualize DRC as behavioral capital, SCT as an orchestration mechanism aligned with the NIST Cybersecurity Framework, and CRA as a resilience-based outcome. Methods: A quantitative approach using Partial Least Squares Structural Equation Modeling (PLS-SEM) tested the hypotheses with data from 125 cybersecurity decision-makers in Indonesian data centers. PLS-SEM was chosen for its predictive modeling capabilities and ability to handle interaction effects. Results: Findings show DRC significantly influences SCT (beta = 0.499, p < 0.001), and SCT strongly enhances CRA (beta = 0.735, p < 0.001). ORRH negatively moderates the DRC-SCT relationship (beta = -0.120), indicating that excessive routinization can weaken adaptive transformation. The model explains 30.5 percent of the variance in SCT and 54.0 percent in CRA. Conclusion: This study highlights that DRC strengthens SCT, which enhances CRA in Indonesian data centers. The non-significant moderating effect of ORRH suggests formal governance mechanisms may counter routine reactivity, offering insights for CIOs and risk managers in fostering resilience-oriented transformation.]]>
Copyrights © 2026
