A Systematic Synthesis of Critical Success Factors for Cybersecurity

William Yeoh, Shan Wang, Aleš Popovič, Noman H. Chowdhury

Research output: Contribution to journalArticlepeer-review

Abstract

Extant studies suggest that cybersecurity is critical and among the IT spending priorities of organizations. In response, the literature draws attention to the cybersecurity critical success factors (CSFs) that enable organizations to focus their scarce resources accordingly. Following a systematic literature review method, we analyze and synthesize extant CSF studies on cybersecurity implementation and management for organizations. Then, drawing on the synthesized CSFs and blending them with IT capability theory, we present an overarching cybersecurity CSF framework building upon 79 cybersecurity elements grouped into 11 CSFs under five dimensions of cybersecurity capability: organizational, infrastructural, strategic, process, and external. In addition, the descriptive analysis of the search results reveals the importance of the various factors and capabilities, the trend of the cybersecurity capability dimensions, the frequency and types of research methods, and the contextual impact of the factors. This research makes an important contribution to the literature on cybersecurity management. The CSF framework serves as the foundation for future researchers interested in measuring organizational cybersecurity success. In addition, practitioners can employ the synthesized CSFs and associated elements to guide their cybersecurity management.
Original languageEnglish
Article number102724
Pages (from-to)1-17
Number of pages17
JournalComputers and Security
Volume118
Issue numberJuly
Early online date14 Apr 2022
DOIs
Publication statusE-pub ahead of print - 14 Apr 2022

Keywords

  • Critical success factors
  • cybersecurity
  • systematic literature review
  • synthesis
  • classification
  • IT capability theory

Fingerprint

Dive into the research topics of 'A Systematic Synthesis of Critical Success Factors for Cybersecurity'. Together they form a unique fingerprint.

Cite this