ABSTRACT
Any modern cybersecurity strategy relies upon IT managers who are experts in their field, who are willing to employ best practices, and who educate their users. Large corporations have developed an intrinsic understanding of these factors. However, large corporations are comprised of departmental units that are not always considered in the organization’s cybersecurity profile. This is particularly true at colleges and universities where IT managers who are not affiliated with the central IT department sometimes employ their own security strategies. This article describes a study that surveyed 161 IT managers to determine their perceptions of their cybersecurity readiness. The model described in this study is the Practice and Awareness Cybersecurity Readiness Model (PACRM). The survey instrument was developed and validated, then tested using path analysis. Eleven of twenty-six relationships were found to be significant. This model offers a step forward in understanding top-to-bottom cybersecurity readiness in the modern threat environment.