This corpus-based study conducts detailed discourse analysis in the domain of enterprise cyber governance in the covid-19 era, with a self-built corpus containing textual discourse resources from nine typical digital technology companies and a reference corpus containing related official publications of the U.S. and the EU. Employing Fairclough’s three-dimensional model with steps of description, interpretation and explanation as the analytical framework, the authors investigate the discourse construction process for cyber governance in the business environment after the breakout of covid-19 epidemic. Based on theme and sample analysis, it is shown that the main concerns of the enterprise cyber governance discourse in the covid-19 era contain data breaches, information security, products and services, customers’ privacy and cyber espionage, and enterprises utilize a series of discursive strategies to (re)contextualize the linguistic realization. Combined with Halliday’s sociosemiotic theory, certain discursive practices are further explained in the social semiotic system as a whole, including the tenor, field and mode under the context of covid-19 epidemic. The contextual analysis proves that such strategies serve as the channels to legitimate the authority of the addressors (enterprises) over the cybersecurity of the main addressees (customers), which is further realized in certain context (situation), including two types of bidirectional relationships enterprises, customers and governments. The findings confirm that the linkage between a signifier and its signified can be realized by contextualization and (re)contextualization, and certain discourse can be materially realized by integrating the semiotic resources in the broader social context. This interdisciplinary study not only provides valuable insights for the domain of discourse and sociosemiotic studies, but also creates a new approach to the studies of cyber governance in the synchronic context.