Samenvatting

Enterprises face increasingly complex cyber risks that threaten their continuity and operational stability. This study reveals that effectively integrating Cyber Security (CS) and Enterprise Architecture (EA) can significantly enhance Cyber Risk Management (CRM) by enabling a more holistic, proactive, and efficient approach to identifying, assessing, and addressing cyber threats. While existing literature highlights the benefits of integrating CS and EA, it provides limited guidance for achieving this integration. This research addresses that gap by identifying practical strategies to facilitate CS and EA integration within enterprises. Through a qualitative research approach, data from a focus group and interviews with experts were thematically analyzed, resulting in four key strategies for integration: (1) Embedding CS into EA frameworks, (2) Leveraging agile and secure development methodologies, (3) Enhancing knowledge exchange between CS and EA teams, and (4) Aligning CS and EA functions within the organizational structure. Additionally, participants agreed that the integration of CS and EA can lead to improved and more efficient CRM. These findings demonstrate that a well-integrated CS and EA approach can enable enterprises to address cyber risks more proactively and holistically