Miller, Marcus Soren2024-08-172024-08-172024-08-16vt_gsexam:40899https://hdl.handle.net/10919/120950The public sector needs the capacity for continual improvement and innovation. Cybersecurity threats against U.S. federal civilian agencies and national critical infrastructure stand out as a major problem area requiring agile and timely responses. Moreover, curbing ransomware attacks directed towards uniquely vulnerable domains, such as healthcare, education, and local government poses a particularly vexing policy challenge for government leaders. In three discrete essays, this dissertation examines management theories applied to the public sector and cybersecurity. The first two essays investigate a public management approach for improvement and innovation based on dynamic capabilities - that is, the organizational capacity to observe, understand, learn, and react in a transformational manner. The first essay of this dissertation presents a systematic literature review of empirical research on dynamic capabilities in the public sector which indicates clear benefits from the employment of dynamic capabilities through impacts on organizational capabilities, innovation, organizational change, operational performance, and public value. Building upon that literature review, the second essay of this dissertation applies archival data research and first-person interviews to examine the pivotal role played by dynamic capabilities in facilitating the generation and deployment of innovative cybersecurity approaches among the federal civilian agencies. This novel research identified and categorized dynamic capabilities in action and assessed their operational influence, specifically inter- and intra-agency collaboration, strategic planning, governance, and signature processes. The third essay of this dissertation was the first-ever documented system dynamics model of the ransomware ecosystem to understand incident trend patterns and provide insight into policy decisions. Simulation showed improvement by mandating incident reporting, reducing reporting delays, and strengthening passive defenses, but unexpectedly not by capping ransom payments.ETDenIn Copyrightdynamic capabilitiesinnovationpublic sectorcybersecurityransomwaresystem dynamics modelDissertation