Cybersecurity research from a management perspective: A systematic literature review and future research agenda

Abstract

Firms continue to face increasing threats of financial and reputational damage from cybersecurity events. Despite increasing scholarly attention, our 25-year review of studies published in leading academic business journals demonstrates that extant research has generally examined antecedents (e.g., technological defenses), with more limited research focusing on managerial responses to or long-term performance outcomes from these events. Accordingly, we chronicle the current state of knowledge of these threats from a management (rather than from an information systems) perspective. We then highlight important future research opportunities for management scholars interested in developing or testing theory related to critical cybersecurity issues.