Influential factors in industrial cybersecurity : a systematic literature review and roadmap for future research

Abstract

With increased application of technology in organizations, cyber-security has become an important factor as cyber-threats grow in number and become sophisticated. It is for this reason that governments and business organizations have invested considerably in cyber-security. However, despite the attention cyber-security has received over the years, it remains a challenge as reflected in the significant number of cyber-incidents. This paper thereby focused on examining the factors influencing industrial cyber-security with a view of determining how these factors have contributed to the success or failure of cyber-security efforts. To find answers, using a systematic literature review, we identified 4579 studies, out of which 40 articles were summarized. From the review, four main factors were identified and these are social, economic, technological, and environmental factors. The main social factors identified from the selected sources are human factors and regulatory compliance. It was established that human factors like knowledge and skills, negligence, behaviour, and attitude have affected the adoption and implementation of cyber-security in many organizations. In relation to compliance, the regulatory framework is too complex or people are not compelled to comply with cyber-security regulations. The main economic factor is resource availability while the technological factors are technological advancements and development of new cyber-attack methods. Resource constraints are the main environmental factor. This paper contributes to industrial cyber-security literature by highlighting influential factors affecting cyber-security and the research gaps in existing literature. The findings in this paper can guide the cyber-security strategies adopted by governments and organizations around the world.