Are we focusing on the right things? : A systematic literature review on causes of cybersecurity incidents

Abstract: Digitalisation driven by competition and performance has lead to a situation where most aspects of organisations business is digitised and vulnerable to cybersecurity incidents. Even though this discrepancy is being adressed incidents continue to happen. To be able to protect the organisation from cyber incidents an assessment of the security of information systems is needed. However cybersecurity incidents has been the subject of little research and the limited research there is often focuses on single causes, resulting in reduced accuracy of assessments. Therefore the question remains how different causes of incidents has affected organisations. To answer the question a systematic literature review and a taxonomy of four mutually exclusive cybersecurity incident causes are used. The result shows that 31 papers in the last five years contained relevant data, indicating that cause of incidents has not been the subject of much systematic research. Furthermore, the result shows that malicious actions were covered in 27 of the papers and human errors in 22 while system failures were only covered in seven and natural phenomena in zero. Through this the need for research on causes and effect of cybersecurity incidents is highlighted. Looking at the effect of the incidents there is a great spectra of results and the covered papers cannot be used to formulate a consensus. This seems to be an effect of the papers having different focus, suggesting a need for studies that include all possible causes as well as a common taxonomy to be used in multiple studies.