Trends and Challenges Regarding Cyber Risk Mitigation by CISOs—A Systematic Literature and Experts’ Opinion Review Based on Text Analytics
Sustainability
; 14(3):1311, 2022.
Article
in English
| ProQuest Central | ID: covidwho-1686988
ABSTRACT
Background:
Cyber security has turned out to be one of the main challenges of recent years. As the variety of system and application vulnerabilities has increased dramatically in recent years, cyber attackers have managed to penetrate the networks and infrastructures of larger numbers of companies, thus increasing the latter’s exposure to cyber threats. To mitigate this exposure, it is crucial for CISOs to have sufficient training and skills to help them identify how well security controls are managed and whether these controls offer the company sufficient protection against cyber threats, as expected. However, recent literature shows a lack of clarity regarding the manner in which the CISOs’ role and the companies’ investment in their skills should change in view of these developments. Therefore, the aim of this study is to investigate the relationship between the CISOs’ level of cyber security-related preparation to mitigate cyber threats (and specifically, the companies’ attitudes toward investing in such preparation) and the recent evolution of cyber threats.Methods:
The study data are based on the following public resources (1) recent scientific literature;(2) cyber threat-related opinion news articles;and (3) OWASP’s reported list of vulnerabilities. Data analysis was performed using various text mining methods and tools.Results:
The study’s findings show that although the implementation of cyber defense tools has gained more serious attention in recent years, CISOs still lack sufficient support from management and sufficient knowledge and skills to mitigate current and new cyber threats.Conclusions:
The research outcomes may allow practitioners to examine whether the companies’ level of cyber security controls matches the CISOs’ skills, and whether a comprehensive security education program is required. The present article discusses these findings and their implications.
Environmental Studies; cyber security; cyber security frameworks; cyber management; cyber security vulnerabilities; CISO’s role; cyber education; Software; Internet; Network security; Trends; Skills; Risk exposure; Internet crime; Malware; Structured Query Language-SQL; COVID-19; Set design; Literature reviews; Best practice; Data analysis; Computers; Data mining; Remote searching; Hackers; Security management; ISO standards; Computer security; Mitigation; Employees; Risk reduction; Ransomware; Security
Full text:
Available
Collection:
Databases of international organizations
Database:
ProQuest Central
Type of study:
Prognostic study
/
Systematic review/Meta Analysis
Language:
English
Journal:
Sustainability
Year:
2022
Document Type:
Article
Similar
MEDLINE
...
LILACS
LIS