Trends and Challenges Regarding Cyber Risk Mitigation by CISOs—A Systematic Literature and Experts’ Opinion Review Based on Text Analytics
Background: Cyber security has turned out to be one of the main challenges of recent years. As the variety of system and application vulnerabilities has increased dramatically in recent years, cyber attackers have managed to penetrate the networks and infrastructures of larger numbers of companies,...
Gespeichert in:
| Veröffentlicht in: | Sustainability 2022-02, Vol.14 (3), p.1311 |
|---|---|
| 1. Verfasser: | |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | 3 |
| container_start_page | 1311 |
| container_title | Sustainability |
| container_volume | 14 |
| creator | Zwilling, Moti |
| description | Background: Cyber security has turned out to be one of the main challenges of recent years. As the variety of system and application vulnerabilities has increased dramatically in recent years, cyber attackers have managed to penetrate the networks and infrastructures of larger numbers of companies, thus increasing the latter’s exposure to cyber threats. To mitigate this exposure, it is crucial for CISOs to have sufficient training and skills to help them identify how well security controls are managed and whether these controls offer the company sufficient protection against cyber threats, as expected. However, recent literature shows a lack of clarity regarding the manner in which the CISOs’ role and the companies’ investment in their skills should change in view of these developments. Therefore, the aim of this study is to investigate the relationship between the CISOs’ level of cyber security-related preparation to mitigate cyber threats (and specifically, the companies’ attitudes toward investing in such preparation) and the recent evolution of cyber threats. Methods: The study data are based on the following public resources: (1) recent scientific literature; (2) cyber threat-related opinion news articles; and (3) OWASP’s reported list of vulnerabilities. Data analysis was performed using various text mining methods and tools. Results: The study’s findings show that although the implementation of cyber defense tools has gained more serious attention in recent years, CISOs still lack sufficient support from management and sufficient knowledge and skills to mitigate current and new cyber threats. Conclusions: The research outcomes may allow practitioners to examine whether the companies’ level of cyber security controls matches the CISOs’ skills, and whether a comprehensive security education program is required. The present article discusses these findings and their implications. |
| doi_str_mv | 10.3390/su14031311 |
| format | Article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2627839134</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2627839134</sourcerecordid><originalsourceid>FETCH-LOGICAL-c295t-735c13f537708a31e28038775ea8adc018ad35ea26c1135d6e1e612db86c81e63</originalsourceid><addsrcrecordid>eNpNUE1Lw0AQDaJgqb34Cxa8CdGdTPN1rKFqoVKo9Ry2yTRuTZO4u9Hm5i_w5MW_5y9xawWdw8x7zHvD8BznFPgFYswvdQtDjoAAB07P4yG4wH1--A8fOwOt19wWIsQQ9Jz3haIq10xUOUseRVlSVZBmcyqEymVVsKRbkmJzqZ_YnTSyEEbWFVt2LJncz_TX28eI3Xfa0MYuMjaVhpQwraKfi-NtQ8pY1SebNbLaOef0IumVXQlNObN8QVvDRpUoO-vXJ87RSpSaBr-z7zxcjxfJrTud3UyS0dTNvNg3boh-BrjyMQx5JBDIizhGYeiTiESecbAdLfGCDAD9PCCgALx8GQVZZCH2nbP93UbVzy1pk67rVtkvdOoFXhhhDDi0qvO9KlO11opWaaPkRqguBZ7uIk__IsdvphB1bw</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2627839134</pqid></control><display><type>article</type><title>Trends and Challenges Regarding Cyber Risk Mitigation by CISOs—A Systematic Literature and Experts’ Opinion Review Based on Text Analytics</title><source>MDPI - Multidisciplinary Digital Publishing Institute</source><source>Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals</source><creator>Zwilling, Moti</creator><creatorcontrib>Zwilling, Moti</creatorcontrib><description>Background: Cyber security has turned out to be one of the main challenges of recent years. As the variety of system and application vulnerabilities has increased dramatically in recent years, cyber attackers have managed to penetrate the networks and infrastructures of larger numbers of companies, thus increasing the latter’s exposure to cyber threats. To mitigate this exposure, it is crucial for CISOs to have sufficient training and skills to help them identify how well security controls are managed and whether these controls offer the company sufficient protection against cyber threats, as expected. However, recent literature shows a lack of clarity regarding the manner in which the CISOs’ role and the companies’ investment in their skills should change in view of these developments. Therefore, the aim of this study is to investigate the relationship between the CISOs’ level of cyber security-related preparation to mitigate cyber threats (and specifically, the companies’ attitudes toward investing in such preparation) and the recent evolution of cyber threats. Methods: The study data are based on the following public resources: (1) recent scientific literature; (2) cyber threat-related opinion news articles; and (3) OWASP’s reported list of vulnerabilities. Data analysis was performed using various text mining methods and tools. Results: The study’s findings show that although the implementation of cyber defense tools has gained more serious attention in recent years, CISOs still lack sufficient support from management and sufficient knowledge and skills to mitigate current and new cyber threats. Conclusions: The research outcomes may allow practitioners to examine whether the companies’ level of cyber security controls matches the CISOs’ skills, and whether a comprehensive security education program is required. The present article discusses these findings and their implications.</description><identifier>ISSN: 2071-1050</identifier><identifier>EISSN: 2071-1050</identifier><identifier>DOI: 10.3390/su14031311</identifier><language>eng</language><publisher>Basel: MDPI AG</publisher><subject>Best practice ; Computers ; COVID-19 ; Cybercrime ; Cybersecurity ; Employees ; Hackers ; Internet ; ISO standards ; Literature reviews ; Malware ; Mitigation ; Network security ; Ransomware ; Remote searching ; Risk exposure ; Risk reduction ; Security ; Security management ; Set design ; Skills ; Software ; Structured Query Language-SQL ; Trends</subject><ispartof>Sustainability, 2022-02, Vol.14 (3), p.1311</ispartof><rights>2022 by the author. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c295t-735c13f537708a31e28038775ea8adc018ad35ea26c1135d6e1e612db86c81e63</citedby><cites>FETCH-LOGICAL-c295t-735c13f537708a31e28038775ea8adc018ad35ea26c1135d6e1e612db86c81e63</cites><orcidid>0000-0001-7628-8889</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,776,780,27901,27902</link.rule.ids></links><search><creatorcontrib>Zwilling, Moti</creatorcontrib><title>Trends and Challenges Regarding Cyber Risk Mitigation by CISOs—A Systematic Literature and Experts’ Opinion Review Based on Text Analytics</title><title>Sustainability</title><description>Background: Cyber security has turned out to be one of the main challenges of recent years. As the variety of system and application vulnerabilities has increased dramatically in recent years, cyber attackers have managed to penetrate the networks and infrastructures of larger numbers of companies, thus increasing the latter’s exposure to cyber threats. To mitigate this exposure, it is crucial for CISOs to have sufficient training and skills to help them identify how well security controls are managed and whether these controls offer the company sufficient protection against cyber threats, as expected. However, recent literature shows a lack of clarity regarding the manner in which the CISOs’ role and the companies’ investment in their skills should change in view of these developments. Therefore, the aim of this study is to investigate the relationship between the CISOs’ level of cyber security-related preparation to mitigate cyber threats (and specifically, the companies’ attitudes toward investing in such preparation) and the recent evolution of cyber threats. Methods: The study data are based on the following public resources: (1) recent scientific literature; (2) cyber threat-related opinion news articles; and (3) OWASP’s reported list of vulnerabilities. Data analysis was performed using various text mining methods and tools. Results: The study’s findings show that although the implementation of cyber defense tools has gained more serious attention in recent years, CISOs still lack sufficient support from management and sufficient knowledge and skills to mitigate current and new cyber threats. Conclusions: The research outcomes may allow practitioners to examine whether the companies’ level of cyber security controls matches the CISOs’ skills, and whether a comprehensive security education program is required. The present article discusses these findings and their implications.</description><subject>Best practice</subject><subject>Computers</subject><subject>COVID-19</subject><subject>Cybercrime</subject><subject>Cybersecurity</subject><subject>Employees</subject><subject>Hackers</subject><subject>Internet</subject><subject>ISO standards</subject><subject>Literature reviews</subject><subject>Malware</subject><subject>Mitigation</subject><subject>Network security</subject><subject>Ransomware</subject><subject>Remote searching</subject><subject>Risk exposure</subject><subject>Risk reduction</subject><subject>Security</subject><subject>Security management</subject><subject>Set design</subject><subject>Skills</subject><subject>Software</subject><subject>Structured Query Language-SQL</subject><subject>Trends</subject><issn>2071-1050</issn><issn>2071-1050</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2022</creationdate><recordtype>article</recordtype><sourceid>BENPR</sourceid><recordid>eNpNUE1Lw0AQDaJgqb34Cxa8CdGdTPN1rKFqoVKo9Ry2yTRuTZO4u9Hm5i_w5MW_5y9xawWdw8x7zHvD8BznFPgFYswvdQtDjoAAB07P4yG4wH1--A8fOwOt19wWIsQQ9Jz3haIq10xUOUseRVlSVZBmcyqEymVVsKRbkmJzqZ_YnTSyEEbWFVt2LJncz_TX28eI3Xfa0MYuMjaVhpQwraKfi-NtQ8pY1SebNbLaOef0IumVXQlNObN8QVvDRpUoO-vXJ87RSpSaBr-z7zxcjxfJrTud3UyS0dTNvNg3boh-BrjyMQx5JBDIizhGYeiTiESecbAdLfGCDAD9PCCgALx8GQVZZCH2nbP93UbVzy1pk67rVtkvdOoFXhhhDDi0qvO9KlO11opWaaPkRqguBZ7uIk__IsdvphB1bw</recordid><startdate>20220201</startdate><enddate>20220201</enddate><creator>Zwilling, Moti</creator><general>MDPI AG</general><scope>AAYXX</scope><scope>CITATION</scope><scope>4U-</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>CCPQU</scope><scope>COVID</scope><scope>DWQXO</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><orcidid>https://orcid.org/0000-0001-7628-8889</orcidid></search><sort><creationdate>20220201</creationdate><title>Trends and Challenges Regarding Cyber Risk Mitigation by CISOs—A Systematic Literature and Experts’ Opinion Review Based on Text Analytics</title><author>Zwilling, Moti</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c295t-735c13f537708a31e28038775ea8adc018ad35ea26c1135d6e1e612db86c81e63</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2022</creationdate><topic>Best practice</topic><topic>Computers</topic><topic>COVID-19</topic><topic>Cybercrime</topic><topic>Cybersecurity</topic><topic>Employees</topic><topic>Hackers</topic><topic>Internet</topic><topic>ISO standards</topic><topic>Literature reviews</topic><topic>Malware</topic><topic>Mitigation</topic><topic>Network security</topic><topic>Ransomware</topic><topic>Remote searching</topic><topic>Risk exposure</topic><topic>Risk reduction</topic><topic>Security</topic><topic>Security management</topic><topic>Set design</topic><topic>Skills</topic><topic>Software</topic><topic>Structured Query Language-SQL</topic><topic>Trends</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Zwilling, Moti</creatorcontrib><collection>CrossRef</collection><collection>University Readers</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>ProQuest One Community College</collection><collection>Coronavirus Research Database</collection><collection>ProQuest Central Korea</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><jtitle>Sustainability</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Zwilling, Moti</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Trends and Challenges Regarding Cyber Risk Mitigation by CISOs—A Systematic Literature and Experts’ Opinion Review Based on Text Analytics</atitle><jtitle>Sustainability</jtitle><date>2022-02-01</date><risdate>2022</risdate><volume>14</volume><issue>3</issue><spage>1311</spage><pages>1311-</pages><issn>2071-1050</issn><eissn>2071-1050</eissn><abstract>Background: Cyber security has turned out to be one of the main challenges of recent years. As the variety of system and application vulnerabilities has increased dramatically in recent years, cyber attackers have managed to penetrate the networks and infrastructures of larger numbers of companies, thus increasing the latter’s exposure to cyber threats. To mitigate this exposure, it is crucial for CISOs to have sufficient training and skills to help them identify how well security controls are managed and whether these controls offer the company sufficient protection against cyber threats, as expected. However, recent literature shows a lack of clarity regarding the manner in which the CISOs’ role and the companies’ investment in their skills should change in view of these developments. Therefore, the aim of this study is to investigate the relationship between the CISOs’ level of cyber security-related preparation to mitigate cyber threats (and specifically, the companies’ attitudes toward investing in such preparation) and the recent evolution of cyber threats. Methods: The study data are based on the following public resources: (1) recent scientific literature; (2) cyber threat-related opinion news articles; and (3) OWASP’s reported list of vulnerabilities. Data analysis was performed using various text mining methods and tools. Results: The study’s findings show that although the implementation of cyber defense tools has gained more serious attention in recent years, CISOs still lack sufficient support from management and sufficient knowledge and skills to mitigate current and new cyber threats. Conclusions: The research outcomes may allow practitioners to examine whether the companies’ level of cyber security controls matches the CISOs’ skills, and whether a comprehensive security education program is required. The present article discusses these findings and their implications.</abstract><cop>Basel</cop><pub>MDPI AG</pub><doi>10.3390/su14031311</doi><orcidid>https://orcid.org/0000-0001-7628-8889</orcidid><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 2071-1050 |
| ispartof | Sustainability, 2022-02, Vol.14 (3), p.1311 |
| issn | 2071-1050 2071-1050 |
| language | eng |
| recordid | cdi_proquest_journals_2627839134 |
| source | MDPI - Multidisciplinary Digital Publishing Institute; Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals |
| subjects | Best practice Computers COVID-19 Cybercrime Cybersecurity Employees Hackers Internet ISO standards Literature reviews Malware Mitigation Network security Ransomware Remote searching Risk exposure Risk reduction Security Security management Set design Skills Software Structured Query Language-SQL Trends |
| title | Trends and Challenges Regarding Cyber Risk Mitigation by CISOs—A Systematic Literature and Experts’ Opinion Review Based on Text Analytics |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-03T08%3A43%3A34IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Trends%20and%20Challenges%20Regarding%20Cyber%20Risk%20Mitigation%20by%20CISOs%E2%80%94A%20Systematic%20Literature%20and%20Experts%E2%80%99%20Opinion%20Review%20Based%20on%20Text%20Analytics&rft.jtitle=Sustainability&rft.au=Zwilling,%20Moti&rft.date=2022-02-01&rft.volume=14&rft.issue=3&rft.spage=1311&rft.pages=1311-&rft.issn=2071-1050&rft.eissn=2071-1050&rft_id=info:doi/10.3390/su14031311&rft_dat=%3Cproquest_cross%3E2627839134%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2627839134&rft_id=info:pmid/&rfr_iscdi=true |