IDEAS home Printed from https://ideas.repec.org/a/eee/teinso/v83y2025ics0160791x25002325.html

Mapping the landscape of cybersecurity preparedness: A systematic review of non-technological determinants and consequences

Author

Listed:
  • Nillasithanukroh, Songkhun
  • Park, Chul Hyun
  • Baek, Jaejong
  • Ahn, Gail-Joon
  • Richards, Robert

Abstract

Given the escalating technological reliance of organizations, the development of robust cybersecurity preparedness has become imperative to preempt and mitigate the spectrum of cyber threats that jeopardize operational integrity, data security, and reputational standing. Constructing an effective defense, however, remains challenging due to the prevailing tendency of existing cybersecurity preparedness assessment frameworks to prioritize technological solutions, often downplaying the critical roles of human, organizational, and environmental factors. Moreover, such frameworks frequently overlook the complex interplay among these domains and the full spectrum of consequential outcomes. This systematic literature review seeks to address these gaps by synthesizing empirical findings from a broad corpus of academic literature. The review elucidates the multifaceted determinants of cybersecurity preparedness, with particular emphasis on underexplored non-technological variables, and explicates the mechanisms by which these factors interrelate and ultimately influence preparedness outcomes. While the findings underscore the substantial impact of human, organizational, and environmental factors—often engaging in complex interactions with other variables—extant empirical research on these interdependencies remains limited. As a result, future research employing integrative frameworks is warranted to more comprehensively capture the dynamic interplay of determinants shaping cybersecurity preparedness. Further investigation is also necessary to delineate the range of long-term consequences of preparedness, thereby better informing organizations about the comprehensive value of cybersecurity investments.

Suggested Citation

  • Nillasithanukroh, Songkhun & Park, Chul Hyun & Baek, Jaejong & Ahn, Gail-Joon & Richards, Robert, 2025. "Mapping the landscape of cybersecurity preparedness: A systematic review of non-technological determinants and consequences," Technology in Society, Elsevier, vol. 83(C).
    • Handle: RePEc:eee:teinso:v:83:y:2025:i:c:s0160791x25002325
    DOI: 10.1016/j.techsoc.2025.103042
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0160791X25002325
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.techsoc.2025.103042?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to

    for a different version of it.

    References listed on IDEAS

    as
    1. Hamzeh Al Amosh & Saleh F. A. Khatib, 2025. "Cybersecurity Transparency and Firm Success: Insights From the Australian Landscape," Australian Economic Papers, Wiley Blackwell, vol. 64(2), pages 189-204, June.
    2. Yunsook Hong & Min-Jik Kim & Taewoo Roh, 2023. "Mitigating the Impact of Work Overload on Cybersecurity Behavior: The Moderating Influence of Corporate Ethics—A Mediated Moderation Analysis," Sustainability, MDPI, vol. 15(19), pages 1-20, September.
    3. Hamed Taherdoost, 2022. "Understanding Cybersecurity Frameworks and Information Security Standards—A Review and Comprehensive Overview," Post-Print hal-03741854, HAL.
    4. Abraham, Chon & Chatterjee, Dave & Sims, Ronald R., 2019. "Muddling through cybersecurity: Insights from the U.S. healthcare industry," Business Horizons, Elsevier, vol. 62(4), pages 539-548.
    5. Kim, Byung-Jik & Kim, Min-Jik, 2024. "The influence of work overload on cybersecurity behavior: A moderated mediation model of psychological contract breach, burnout, and self-efficacy in AI learning such as ChatGPT," Technology in Society, Elsevier, vol. 77(C).
    6. Tony Porter & Netina Tan, 2023. "An integrated complex adaptive governmental policy response to cyberthreats," Journal of Economic Policy Reform, Taylor & Francis Journals, vol. 26(3), pages 283-297, July.
    7. Matthew Canham & Clay Posey & Delainey Strickland & Michael Constantino, 2021. "Phishing for Long Tails: Examining Organizational Repeat Clickers and Protective Stewards," SAGE Open, , vol. 11(1), pages 21582440219, January.
    8. Berlilana & Tim Noparumpa & Athapol Ruangkanjanases & Taqwa Hariguna & Sarmini, 2021. "Organization Benefit as an Outcome of Organizational Security Adoption: The Role of Cyber Security Readiness and Technology Readiness," Sustainability, MDPI, vol. 13(24), pages 1-20, December.
    9. Lis Piotr & Mendel Jacob, 2019. "Cyberattacks on critical infrastructure: An economic perspective," Economics and Business Review, Sciendo, vol. 5(2), pages 24-47, June.
    10. Hassan Younies & Tareq Na'el Al-Tawil, 2020. "Effect of cybercrime laws on protecting citizens and businesses in the United Arab Emirates (UAE)," Journal of Financial Crime, Emerald Group Publishing Limited, vol. 27(4), pages 1089-1105, June.
    11. Alain Mermoud & Marcus Matthias Keupp & Kévin Huguenin & Maximilian Palmié & Dimitri Percia David, 2019. "To share or not to share: A behavioral perspective on human participation in security information sharing," Post-Print hal-02147702, HAL.
    12. Stefano Armenia & Eduardo Ferreira Franco & Fabio Nonino & Emanuele Spagnoli & Carlo M. Medaglia, 2019. "Towards the Definition of a Dynamic and Systemic Assessment for Cybersecurity Risks," Systems Research and Behavioral Science, Wiley Blackwell, vol. 36(4), pages 404-423, July.
    13. Hamed Taherdoost, 2022. "Understanding Cybersecurity Frameworks and Information Security Standards—A Review and Comprehensive Overview," Post-Print hal-03741855, HAL.
    14. He, Ying & Zamani, Efpraxia D. & Lloyd, Stefan & Luo, Cunjin, 2022. "Agile incident response (AIR): Improving the incident response process in healthcare," International Journal of Information Management, Elsevier, vol. 62(C).
    15. Arroyabe, Marta F. & Arranz, Carlos F.A. & Fernandez De Arroyabe, Ignacio & Fernandez de Arroyabe, Juan Carlos, 2024. "Exploring the economic role of cybersecurity in SMEs: A case study of the UK," Technology in Society, Elsevier, vol. 78(C).
    16. Porramin Photipatphiboon & Thanuset Chokpiriyawat & Kanokwan Papamo, 2025. "Cybersecurity readiness in Thailand: The empirical evidence of service sectors," Edelweiss Applied Science and Technology, Learning Gate, vol. 9(4), pages 2018-2028.
    17. Christos Andreas Makridis & Max Smeets, 2019. "Determinants of cyber readiness," Journal of Cyber Policy, Taylor & Francis Journals, vol. 4(1), pages 72-89, January.
    18. Seppo Borenius & Pavithra Gopalakrishnan & Lina Bertling Tjernberg & Raimo Kantola, 2022. "Expert-Guided Security Risk Assessment of Evolving Power Grids," Energies, MDPI, vol. 15(9), pages 1-25, April.
    19. Nawaf Alharbi & Maria Papadaki & Paul Dowland, 2017. "The impact of security and its antecedents in behaviour intention of using e-government services," Behaviour and Information Technology, Taylor & Francis Journals, vol. 36(6), pages 620-636, June.
    20. Nungky Awang Chandra & Kalamullah Ramli & Anak Agung Putri Ratna & Teddy Surya Gunawan, 2022. "Information Security Risk Assessment Using Situational Awareness Frameworks and Application Tools," Risks, MDPI, vol. 10(8), pages 1-26, August.
    21. Smith, Thomas & Tadesse, Amanuel F. & Vincent, Nishani Edirisinghe, 2021. "The impact of CIO characteristics on data breaches," International Journal of Accounting Information Systems, Elsevier, vol. 43(C).
    22. Li, Ling & He, Wu & Xu, Li & Ash, Ivan & Anwar, Mohd & Yuan, Xiaohong, 2019. "Investigating the impact of cybersecurity policy awareness on employees’ cybersecurity behavior," International Journal of Information Management, Elsevier, vol. 45(C), pages 13-24.
    23. Jonathan Lewallen, 2021. "Emerging technologies and problem definition uncertainty: The case of cybersecurity," Regulation & Governance, John Wiley & Sons, vol. 15(4), pages 1035-1052, October.
    24. (Annabella) Huang, Jiehui & Murthy, Uday, 2024. "The impact of cybersecurity risk management strategy disclosure on investors’ judgments and decisions," International Journal of Accounting Information Systems, Elsevier, vol. 54(C).
    25. Juntao Chen & Quanyan Zhu & Tamer Başar, 2021. "Dynamic Contract Design for Systemic Cyber Risk Management of Interdependent Enterprise Networks," Dynamic Games and Applications, Springer, vol. 11(2), pages 294-325, June.
    26. Shashi Kant Srivastava & Saini Das & Godwin J. Udo & Kallol Bagchi, 2020. "Determinants of Cybercrime Originating within a Nation: A Cross-country Study," Journal of Global Information Technology Management, Taylor & Francis Journals, vol. 23(2), pages 112-137, April.
    27. Nam, Taewoo, 2019. "Understanding the gap between perceived threats to and preparedness for cybersecurity," Technology in Society, Elsevier, vol. 58(C).
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Agbodoh-Falschau, Kouassi Raymond & Ravaonorohanta, Bako Harinivo, 2023. "Investigating the influence of governance determinants on reporting cybersecurity incidents to police: Evidence from Canadian organizations’ perspectives," Technology in Society, Elsevier, vol. 74(C).
    2. Chotia, Varun & Khoualdi, Kamel & Broccardo, Laura & Yaqub, Muhammad Zafar, 2025. "The role of cyber security and digital transformation in gaining competitive advantage through Strategic Management Accounting," Technology in Society, Elsevier, vol. 81(C).
    3. Kamal Uddin Sarker & Farizah Yunus & Aziz Deraman, 2023. "Penetration Taxonomy: A Systematic Review on the Penetration Process, Framework, Standards, Tools, and Scoring Methods," Sustainability, MDPI, vol. 15(13), pages 1-26, July.
    4. Nur Afiqah Md Amin & Nurul Iffah Ghazali & Nurul Najihah Hassan & Nur Aisyah Ramlan & Nur Maisara Sofea Abdul Rahman & Sarah Lailatulhuda Sharifudin, 2024. "Cyber-Laundering and Its Impacts on Auditors: A Conceptual Paper," Accounting and Finance Research, Sciedu Press, vol. 13(2), pages 1-24, May.
    5. Ewa Chomać-Pierzecka & Bartosz Błaszczak & Szymon Godawa & Izabella Kęsy, 2025. "Human Safety in Light of the Economic, Social and Environmental Aspects of Sustainable Development—Determination of the Awareness of the Young Generation in Poland," Sustainability, MDPI, vol. 17(13), pages 1-22, July.
    6. Singh, Kuldeep & Chatterjee, Sheshadri & Mariani, Marcello & Wamba, Samuel Fosso, 2025. "Cybersecurity resilience and innovation ecosystems for sustainable business excellence: Examining the dramatic changes in the macroeconomic business environment," Technovation, Elsevier, vol. 143(C).
    7. Shuai Chen & Mengmeng Hao & Fangyu Ding & Dong Jiang & Jiping Dong & Shize Zhang & Qiquan Guo & Chundong Gao, 2023. "Exploring the global geography of cybercrime and its driving forces," Humanities and Social Sciences Communications, Palgrave Macmillan, vol. 10(1), pages 1-10, December.
    8. Alessandro Mazzoccoli, 2023. "Optimal Cyber Security Investment in a Mixed Risk Management Framework: Examining the Role of Cyber Insurance and Expenditure Analysis," Risks, MDPI, vol. 11(9), pages 1-14, August.
    9. Monaco, Roberto & Bergaentzlé, Claire & Leiva Vilaplana, Jose Angel & Ackom, Emmanuel & Nielsen, Per Sieverts, 2024. "Digitalization of power distribution grids: Barrier analysis, ranking and policy recommendations," Energy Policy, Elsevier, vol. 188(C).
    10. Scuotto, Veronica & Tzanidis, Theofilos & Murray, Alan & Manlio, Del Giudice, 2025. "Growth hacking: Leveraging hyper-scalability, hyper-specialization, and human-centric strategies for competitive advantage," Journal of Business Research, Elsevier, vol. 190(C).
    11. Kim, Byung-Jik & Kim, Min-Jik, 2024. "The influence of work overload on cybersecurity behavior: A moderated mediation model of psychological contract breach, burnout, and self-efficacy in AI learning such as ChatGPT," Technology in Society, Elsevier, vol. 77(C).
    12. Andrew B. Whitford & Derrick Anderson, 2021. "Governance landscapes for emerging technologies: The case of cryptocurrencies," Regulation & Governance, John Wiley & Sons, vol. 15(4), pages 1053-1070, October.
    13. Jianguo Ding & Attia Qammar & Zhimin Zhang & Ahmad Karim & Huansheng Ning, 2022. "Cyber Threats to Smart Grids: Review, Taxonomy, Potential Solutions, and Future Directions," Energies, MDPI, vol. 15(18), pages 1-37, September.
    14. Matteo Malavasi & Gareth W. Peters & Pavel V. Shevchenko & Stefan Truck & Jiwook Jang & Georgy Sofronov, 2021. "Cyber Risk Frequency, Severity and Insurance Viability," Papers 2111.03366, arXiv.org, revised Mar 2022.
    15. Meghisan-Toma Georgeta-Madalina & Nicula Vasile Cosmin, 2020. "ICT Security Measures for the Companies within European Union Member States – Perspectives in COVID-19 Context," Proceedings of the International Conference on Business Excellence, Sciendo, vol. 14(1), pages 362-370, July.
    16. repec:zib:zibaem:v:7:y:2023:i:1:p:25-33 is not listed on IDEAS
    17. Slapničar, Sergeja & Axelsen, Micheal & Bongiovanni, Ivano & Stockdale, David, 2023. "A pathway model to five lines of accountability in cybersecurity governance," International Journal of Accounting Information Systems, Elsevier, vol. 51(C).
    18. Stephen Sullivan & Diana Garza, 2021. "Supply Chain Risks, Cybersecurity and C-TPAT, a Literature Review," RAIS Conference Proceedings 2021 0082, Research Association for Interdisciplinary Studies.
    19. Habib Saragih, Arfah & Ali, Syaiful & Suwardi, Eko & Utomo, Hargo, 2024. "Finding the missing pieces to an optimal corporate tax savings: Information technology governance and internal information quality," International Journal of Accounting Information Systems, Elsevier, vol. 52(C).
    20. Diao, Xiaoxu & Zhao, Yunfei & Smidts, Carol & Vaddi, Pavan Kumar & Li, Ruixuan & Lei, Hangtian & Chakhchoukh, Yacine & Johnson, Brian & Blanc, Katya Le, 2024. "Dynamic probabilistic risk assessment for electric grid cybersecurity," Reliability Engineering and System Safety, Elsevier, vol. 241(C).
    21. Bénédicte Rulleau, 2024. "Household preferences for cyber-attack resilient water distribution networks: A latent class analysis of a discrete choice experiment in France," Post-Print hal-04157111, HAL.

    More about this item

    Keywords

    ;
    ;
    ;
    ;
    ;

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:teinso:v:83:y:2025:i:c:s0160791x25002325. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/technology-in-society .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.