Cybersecurity is one of the main concerns of most organizations, derived from the violation of their cybersecurity. The objective of this chapter is the development of a bibliometric study on cybersecurity from the organizational level. For the method, the Web of Science platform was chosen, since it indexes and organizes scientific production and has the high impact factor of the Journal Citation Report (JCR). The results show evidence of the evolution in which cybersecurity has been addressed within the organizational field, so the originality is related to the business importance in this globalized world. The various theories and approaches used in empirical studies provide valuable perspectives to understand the behavior of the actors involved, the motivations behind criminal actions, and cyber risk prevention and mitigation strategies, contributing to the good performance of organizations. These findings show the interest of the scientific community, observing a growing trend around publications within the subject of study.
TopIntroduction
Today, the development of digital technologies is having an impact on all sectors of society (Stetsenko et al., 2021), by providing benefits for companies and even governments allowing them to increase the speed and accessibility of information communication technologies through better performance, productivity and reduction of operating costs (Yong et al., 2010; Park et al., 2017). Therefore, information technologies play a fundamental role in the development of business activities, as a source of competitive advantage, since organizations have access to a better position in the market (Hernández & Salcedo, 2020), derived from the wide spectrum of business opportunities that trigger the general strategy within companies (Latilla et al., 2021).
However, the benefits provided by information technologies, their implementation and use in productive activities often entail serious managerial challenges that impact information security (Hasan et al., 2021); in this sense, it has been pointed out that cyber threats that violate systems within organizations are becoming more frequent as a result of the ease in preparing and executing this type of threat. The foregoing has caused an increase in criminal activity within the cybernetic area, for which there are no borders, attacking national, industrial and financial interests (Dzyana et al., 2022).
One of the phenomena that demonstrated the total dependence on the technological field for most sectors of society was the SARS-CoV-2 pandemic, which led to the search for and implementation of technological solutions for adaptation to the new normality and, brought with it the need for an adequate level of cybersecurity to protect the remote workforce as well as the technological infrastructure of organizations (Furnell et al., 2021), as cyber-attacks focus on vulnerable people and technological systems (Pranggono & Arabic, 2020).
This global phenomenon triggered a series of unprecedented information security concerns, derived from a worldwide increase in scams and cyber fraud, inducing the search for solutions and strategies to deal with this type of attack worldwide (Al-Qahtani & Cresci, 2022), for governments, society and, above all, for organizations (Carrapico & Farrand, 2020), who had a massive migration from face-to-face professional activities to an online environment, which has raised a problem new and context for cybercrime (Jafar et al., 2022); in which organizations that are not prepared to face cyber-attacks on their organizational resources will experience huge losses and, above all, will have a negative impact on their performance (Berlilana et al., 2021).
It is estimated that cybersecurity threats will cost the world around 10.5 trillion dollars annually by 2025 (Morgan, 2020), however, the actual costs could be higher because some organizations may avoid providing reports on threats or attacks received for fear of generating a bad reputation that affects their image (Kim & Lee, 2021). Among the costs of cybercrime are: damage to technological infrastructure, loss of productivity, theft (money, intellectual property, trade secrets, customer data), fraud, as well as damage to the organization's reputation (Ahmad et al., 2021; Hu et al., 2021; FBI,2021).
Derived from the relevance of computer security for organizations, it is extremely important to search for alternatives, solutions, as well as strategies that protect their assets, both tangible and intangible, related to information technologies, in which the information technology can be prepared organization to anticipate attacks on its computer systems and networks that could reduce the performance of business operations.