A systematic synthesis of critical success factors for cybersecurity

Extant studies suggest that cybersecurity is critical and among the IT spending priorities of organizations. In response, the literature draws attention to the cybersecurity critical success factors (CSFs) that enable organizations to focus their scarce resources accordingly. Following a systematic...

Full description

Saved in:
Bibliographic Details
Published inComputers & security Vol. 118; p. 102724
Main Authors Yeoh, William, Wang, Shan, Popovič, Aleš, Chowdhury, Noman H.
Format Journal Article
LanguageEnglish
Published Amsterdam Elsevier Ltd 01.07.2022
Elsevier Sequoia S.A
Subjects
Critical success factors
Cybersecurity
IT capability theory
Literature reviews
Organizations
Research methodology
Success factors
Synthesis
Synthesis, classification
systematic literature review
Cybersecurity
IT capability theory
Critical success factors
Synthesis, classification
systematic literature review
Online AccessGet full text

Cover

More Information
Summary:Extant studies suggest that cybersecurity is critical and among the IT spending priorities of organizations. In response, the literature draws attention to the cybersecurity critical success factors (CSFs) that enable organizations to focus their scarce resources accordingly. Following a systematic literature review method, we analyze and synthesize extant CSF studies on cybersecurity implementation and management for organizations. Then, drawing on the synthesized CSFs and blending them with IT capability theory, we present an overarching cybersecurity CSF framework building upon 79 cybersecurity elements grouped into 11 CSFs under five dimensions of cybersecurity capability: organizational, infrastructural, strategic, process, and external. In addition, the descriptive analysis of the search results reveals the importance of the various factors and capabilities, the trend of the cybersecurity capability dimensions, the frequency and types of research methods, and the contextual impact of the factors. This research makes an important contribution to the literature on cybersecurity management. The CSF framework serves as the foundation for future researchers interested in measuring organizational cybersecurity success. In addition, practitioners can employ the synthesized CSFs and associated elements to guide their cybersecurity management.
ISSN:0167-4048
1872-6208
DOI:10.1016/j.cose.2022.102724