TY - JOUR
T1 - A Systematic Synthesis of Critical Success Factors for Cybersecurity
AU - Yeoh, William
AU - Wang, Shan
AU - Popovič, Aleš
AU - Chowdhury, Noman H.
N1 - Yeoh, W., Wang, S., Popovič, A., & Chowdhury, N. H. (2022). A Systematic Synthesis of Critical Success Factors for Cybersecurity. Computers and Security, 118(July), 1-17. [102724]. https://doi.org/10.1016/j.cose.2022.102724 ----The authors acknowledge the financial support from the Slovenian Research Agency (research core funding no. P5-0410).
PY - 2022/7/1
Y1 - 2022/7/1
N2 - Extant studies suggest that cybersecurity is critical and among the IT spending priorities of organizations. In response, the literature draws attention to the cybersecurity critical success factors (CSFs) that enable organizations to focus their scarce resources accordingly. Following a systematic literature review method, we analyze and synthesize extant CSF studies on cybersecurity implementation and management for organizations. Then, drawing on the synthesized CSFs and blending them with IT capability theory, we present an overarching cybersecurity CSF framework building upon 79 cybersecurity elements grouped into 11 CSFs under five dimensions of cybersecurity capability: organizational, infrastructural, strategic, process, and external. In addition, the descriptive analysis of the search results reveals the importance of the various factors and capabilities, the trend of the cybersecurity capability dimensions, the frequency and types of research methods, and the contextual impact of the factors. This research makes an important contribution to the literature on cybersecurity management. The CSF framework serves as the foundation for future researchers interested in measuring organizational cybersecurity success. In addition, practitioners can employ the synthesized CSFs and associated elements to guide their cybersecurity management.
AB - Extant studies suggest that cybersecurity is critical and among the IT spending priorities of organizations. In response, the literature draws attention to the cybersecurity critical success factors (CSFs) that enable organizations to focus their scarce resources accordingly. Following a systematic literature review method, we analyze and synthesize extant CSF studies on cybersecurity implementation and management for organizations. Then, drawing on the synthesized CSFs and blending them with IT capability theory, we present an overarching cybersecurity CSF framework building upon 79 cybersecurity elements grouped into 11 CSFs under five dimensions of cybersecurity capability: organizational, infrastructural, strategic, process, and external. In addition, the descriptive analysis of the search results reveals the importance of the various factors and capabilities, the trend of the cybersecurity capability dimensions, the frequency and types of research methods, and the contextual impact of the factors. This research makes an important contribution to the literature on cybersecurity management. The CSF framework serves as the foundation for future researchers interested in measuring organizational cybersecurity success. In addition, practitioners can employ the synthesized CSFs and associated elements to guide their cybersecurity management.
KW - Critical success factors
KW - cybersecurity
KW - systematic literature review
KW - synthesis
KW - classification
KW - IT capability theory
UR - http://www.scopus.com/inward/record.url?scp=85129249059&partnerID=8YFLogxK
UR - https://www.webofscience.com/wos/woscc/full-record/WOS:000797949500002
U2 - 10.1016/j.cose.2022.102724
DO - 10.1016/j.cose.2022.102724
M3 - Article
SN - 0167-4048
VL - 118
SP - 1
EP - 17
JO - Computers & Security
JF - Computers & Security
IS - July
M1 - 102724
ER -
