Mapping the landscape of cybersecurity preparedness: A systematic review of non-technological determinants and consequences

Given the escalating technological reliance of organizations, the development of robust cybersecurity preparedness has become imperative to preempt and mitigate the spectrum of cyber threats that jeopardize operational integrity, data security, and reputational standing. Constructing an effective defense, however, remains challenging due to the prevailing tendency of existing cybersecurity preparedness assessment frameworks to prioritize technological solutions, often downplaying the critical roles of human, organizational, and environmental factors. Moreover, such frameworks frequently overlook the complex interplay among these domains and the full spectrum of consequential outcomes. This systematic literature review seeks to address these gaps by synthesizing empirical findings from a broad corpus of academic literature. The review elucidates the multifaceted determinants of cybersecurity preparedness, with particular emphasis on underexplored non-technological variables, and explicates the mechanisms by which these factors interrelate and ultimately influence preparedness outcomes. While the findings underscore the substantial impact of human, organizational, and environmental factors—often engaging in complex interactions with other variables—extant empirical research on these interdependencies remains limited. As a result, future research employing integrative frameworks is warranted to more comprehensively capture the dynamic interplay of determinants shaping cybersecurity preparedness. Further investigation is also necessary to delineate the range of long-term consequences of preparedness, thereby better informing organizations about the comprehensive value of cybersecurity investments.