This master thesis explores strategies to support cybersecurity leadership by focusing on the development and refinement of a Digital Twin of an Organization (DTO) model tailored to the needs of Chief Information Security Officers (CISOs). Modern cybersecurity management requires CISOs to make complex strategic decisions amid dynamic threats, regulatory pressures, and resource constraints.

This work investigates the potential of DTOs to support these challenges by providing a structured, context-aware overview of an organization’s cyber posture. A conceptual DTO model was developed based on expert input, refined through iterative interviews, and evaluated against real-world CISO responsibilities.

Findings from the expert evaluations highlight the model’s strategic relevance and its potential to enhance situational awareness, support risk assessment, and guide compliance planning. However, they also emphasize the importance of contextualization and usability features, such as explainability and dashboard design, for future iterations. The work contributes to the field of cybersecurity by presenting a concept for a DTO-based support system, structured around key capabilities including simulation, contextual risk evaluation, and strategic alignment with cybersecurity governance.