- by Dr. Prafulla Dikshit
Introduction
The Bibliometric and Bibliographic analysis is a promising new analytical methodology that derives its applications from the methodological realm of network analysis. One of the major applications of Bibliometrics is in understanding the publication dynamics within a given field and/or a specific focal area of research (Andersen 2018). Cybersecurity is one such emergent field with numerous challenges with the proliferation of the latest digital technologies, especially within the last five years. One of the major challenges facing the cybersecurity field is the lack of cooperation at various levels including industry, regional, national, and international, towards ensuring. This is primarily owing to a lack of a single or integrated framework for cybersecurity risk governance and compliance and the disjointed efforts by the various national governments towards achieving cybersecurity integration. One of the underlying factors is a trust deficit. It remains to be seen whether research on the topic points to a possibility and the modalities of such cooperation (Link, et al. 2018).
Method
I performed a bibliometric analysis based on a search query executed in the Web of Science database, for literature within the last 10 years which included peer-reviewed journal articles in the field. The database search yielded a collection of 282 high-quality peer-reviewed journal articles and corresponding bibliographic data was exported as a text file. The bibliographic data was exported to the VOS viewer and cluster analysis of the key terms within the title, abstract, and keywords of the articles within the collection were performed. Just to provide a broad idea of the search – the major terms within the original search query included – cybersecurity, protection, governance, risk, compliance, regulations, cooperation, firm, industry, national, and international.
Discussion
This analysis yielded a fascinating structure of keyword occurrence clusters within the topical area, as shown in Figure 1 below. The figure shows that there are broadly three keyword clusters within the literature on the topic as represented by the blue, green, and red colored node clusters. We can say that the keywords in a given cluster co-occur in a set of publications closely related thematically. The size of the node shows the occurrence frequency of an individual keyword, while its distance with another keyword node shows the relative co-occurrence and strength of association with the other keyword. A thematic aggregation of the green cluster shows a pattern of four prominent interconnected nodes – System-Requirement-Standard-Solution in the order of importance by occurrence. Herein the System node is the largest and it co-occurs with the three other major keywords and shows the direction the research in this cluster may be taking. The ‘system’ keyword node is closer to the ‘standard’ and solution’ nodes which are still closer to each other indicating standard solutions or solution standards within the cybersecurity application systems are being majorly researched within this cluster, and the same are being assessed for the requirements of the system as indicated by proximity of this system-standard-solution sub-cluster to the prominent yet slightly distant 'requirement node'. The other smaller and more distant nodes in the green cluster provide more context and granularity to the research area. For example, nodes like 'service', 'assessment', and 'operation' provide a firm and industry-level thrust to the theme of cybersecurity system solutions through the assessment of service operation requirements (Akanfe, Valecha, and Rao 2020; Rosado, et al. 2022; Wang, et al. 2020).
Similarly, the blue cluster represents a GDPR and Regulation-centric intellectual structure. GDPR is short for General Data Protection Regulation. The overarching keyword co-occurrence structure of the blue cluster is Regulation-Protection-Implementation-GDPR-Application-Device-Privacy-Challenge. Regulation is here the largest and the key node and the nearest prominent nodes are requirement and protection. This may be interpreted as a focus on protection requirements through regulation. Further, GDPR appears as the most prominent cybersecurity regulation and the application of the provisions of device-based privacy protection and its underlying challenges are likely the research focus. This is consistent with the cybersecurity challenges owing to new connected device system technologies like IOT (Jagannathan and Sorini 2015; Jideani, et al. 2018).
The red cluster is represented primarily by a node named ‘study’ and the closest and largest node to the same is ‘threat’, followed by ‘research’, ‘practice', and 'context'. This shows that there is a pertinent research effort to study the threats and the cybersecurity practices with a focus on their contexts (Hare 2016; Topping, et al. 2021).
Conclusion
Overall, the research in this area of cybersecurity cooperation as the problem area is focused on the lines of - Study of threats, and System requirements for Protection Regulation and implementation, to mitigate the threats as the solution side of the research. This article demonstrates the power of keyword cluster analysis in capturing the research insights from the visual aggregation of research themes and identifying the recent and upcoming research directions on the solution side of a broad research problem area.
***
References
Akanfe, Oluwafemi, Rohit Valecha, and Raghav H. Rao. 2020. "Assessing country-level privacy risk for digital payment systems." Computers & Security 99: 102065.
Andersen, Jan. 2018. "Chapter 6 - Preaward—Project Preparation." In Research Management: Europe and Beyond, 147-171.
Hare, Stephanie. 2016. "For your eyes only: U.S. technology companies, sovereign states, and the battle over data protection." Business Horizons 59: 549-561.
Jagannathan, Srinivasan, and Adam Sorini. 2015. "A cybersecurity risk analysis methodology for medical devices." 2015 IEEE Symposium on Product Compliance Engineering (ISPCE). IEEE. 1-6.
Jideani, Paul, Louise Leenen, Bennet Alexander, and Jay Barnes. 2018. "Towards an electronic retail cybersecurity framework." 2018 International Conference on Advances in Big Data, Computing and Data Communication Systems (IcABCD). IEEE. 1-6.
Link, Jochen, Karl Waedt, Ben Ines Zid, and Xinxin Lou. 2018. "Current Challenges of the Joint Consideration of Functional Safety & Cyber Security, Their Interoperability and Impact on Organizations: How to Manage RAMS + S (Reliability Availability Maintainability Safety + Security)." 2018 12th International Conference on Reliability, Maintainability, and Safety (ICRMS). IEEE. 185-191.
Rosado, David G., Antonio Santos-Olmo, Luis Enrique Sánchez, Manuel A. Serrano, Carlos Blanco, Haralambos Mouratidis, and Eduardo Fernández-Medina. 2022. "Managing cybersecurity risks of cyber-physical systems: The MARISMA-CPS pattern." Computers in Industry 142: 103715.
Topping, Colin, Andrew Dwyer, Ola Michalec, Barnaby Craggs, and Awais Rashid. 2021. "Beware suppliers bearing gifts!: Analysing coverage of supply chain cyber security in critical national infrastructure sectorial and cross-sectorial frameworks." Computers & Security 108: 102324.
Wang, Di, Yan Zhu, Yi Zhang, and Guowei Liu. 2020. "Security Assessment of Blockchain in Chinese Classified Protection of Cybersecurity." IEEE Access 203440-203456.
