Cybersecurity Research

Literature Review Findings

The literature review conducted on cybersecurity imparted me with vital knowledge crucial to understanding and mitigating cyber threats. From the undertaken literature review, organizations have immensely embraced information technology to derive a competitive edge from its benefits. In this regard, 4.57 billion people were using the internet as of 2020 (Alani, 2021, p. 6). However, these organizations are being faced with multiple cyberthreats that adversely impact their business operations. From the literature review, malware attacks, phishing, man-in-the-middle attacks are the most popular forms of cyber threats that impact organizations globally. Additionally, cybercriminals prefer using these attacks due to their simplicity and effectiveness in creating maximum damage to their victims.

Moreover, cyber threats are costly, with organizations losing billions of shillings from cyber-attacks every year. In this case, Pal et al. estimate that organizations lose an estimate of $600 billion annually to cyberattacks related cases. Additionally, cyberattacks are correlated to corporate brand image, with organizations incurring massive losses due to damaged reputations arising from cyber-attacks. Such an organization is Yahoo Inc. which lost $1.5 billion after announcing a cyber attack on over 1 billion user accounts in 2013 (Whitler & Farris, 2017, p. 4). Therefore, cyber-attacks have unpropitious impacts on corporate brand equity, which significantly affects organizations’ revenue. Besides brand image damage, cyber attacks expose organizations to legal consequences, making them lose massive revenue in fines, penalties, and regulator sanctions. However, the research showed that organizations focused more on reactive than proactive techniques to mitigate these cyber threats.

Example of a Research Methodology Used in the Literature Review Research

This literature review was based on a narrative literature review as its research methodology. This literature review methodology involved setting the scope of the literature review, where the research would be conducted on eight sources, a sizeable number to produce credible outcomes. In the scope aspect, the sources were limited to scholarly articles and academic journals published not earlier than five years ago. Moreover, the research was conducted in various research engines and databases such as Google Scholar, JSTOR, and IEEE Xplore in this literature review technique. After locating the different research databases, reviewing the abstracts of the various academic articles was vital to identify the peer-reviewed journals which are more relevant to cybersecurity research. Additionally, the references and bibliographies of the relevant articles were used to find other articles suited for this research.

In this literature review methodology, the core aspect involved summarizing the body of the selected literature. Additionally, conclusions were drawn from the topic under discussion while identifying literature gaps and inconsistencies in the selected sources. A clear focus was made on what the researchers were trying to discover in these resources in the analysis. Finally, the literature review methodology avoided sources funded by parties with conflicting interests to obtain credible resources as they might have influenced the results.

What has Been Studied and Gaps in Literature

From the literature review, sufficient research has been conducted on the various cyber threats that attackers use to breach organizations’ information systems. Previously undertaken research details a deep understanding of each cyberattack, its nature, and the technical and human perspective of the attacks. Additionally, there is adequate research that has been conducted concerning the various adverse impacts of cyber attacks on the organization. From the research, these adverse effects of cyber-attacks primarily consist of financial losses, legal consequences and damage to organizations’ brand image. Furthermore, the various cyber-attacks prevention and mitigation interventions have been studied, ranging from encryption techniques, firewalls, training employees on cybersecurity, and implementing effective cybersecurity policies.

However, most of these mitigation interventions have been designed to be reactive techniques rather than proactive ones. In this regard, the available research is immensely invested in designing and implementing reactive cyber-attack interventions and lesser efforts on proactive measures to address cyber threats. In this regard, there is an evident knowledge gap in proactive interventions such as real-time threat visibility and effective cybersecurity policing in organizations. Besides the focus on reactive mechanisms which isolate and address an attack after it has occurred, the power of a proactive cyber threat intervention such as real-time threat visibility and effective organizational cybersecurity policies cannot be underscored.

In this regard, timing is a critical factor in the field of cybersecurity. In the modern world, a significant number of firms do not detect potential cyber-attacks early enough, exposing them to increased risks of financial losses and brand image damage. Moreover, under the GDPR, organizations have a maximum of seventy-two hours to report data breaches to the regulators, failure to which these firms face hefty fines. Real-time threat visibility enables organizations to obtain new and actionable intelligence on the security of information systems early enough. On the other hand, effective and up to date cybersecurity policies provide organizations with guidelines on how information systems should be used, minimizing the risks associated with cyberattacks. In this regard, everyone in an organization with effective cybersecurity policies understands the mechanisms employed by the firm to protect its information systems and other assets. Therefore, more research should be dedicated to these two interventions to realize their potential effectiveness to mitigate cyber-attacks.

References

Whitler, K. A., & Farris, P. W. (2017). The impact of cyber attacks on brand image: Why proactive marketing expertise is needed for managing data breaches. Journal of Advertising Research, 57(1), 3-9.

Alani, M. M. (2021). Big data in cybersecurity: a survey of applications and future trends. Journal of Reliable Intelligent Environments, 1-30.