Search papers, labs, and topics across Lattice.
This study systematically reviews 457 publications to create the "Cybersecurity Incident Response Influencing Factor Taxonomy" (CIR-IF Taxonomy), which organizes the diverse factors affecting organizational preparedness and response to cybersecurity incidents. By comparing this taxonomy with established scientific frameworks and the NIST Cyber Security Framework, the authors reveal a more comprehensive and structured understanding of incident response influences. The key finding indicates that the CIR-IF Taxonomy provides a richer perspective than existing models, highlighting areas for further empirical and theoretical exploration in cybersecurity research.
The CIR-IF Taxonomy reveals a more nuanced understanding of the factors shaping cybersecurity incident response, challenging existing frameworks and opening new avenues for research.
Cybersecurity incident response has emerged as a critical area of interest for both researchers and practitioners. The corpus of literature on cybersecurity incident response is expanding, yet a unified framework for systematically organizing the accumulated knowledge remains absent. The aspects of incident response span multiple domains, including technology, human-computer interaction, organizational theory, and human factors. A comprehensive, integrative perspective on these factors can enable researchers to identify underexplored areas and more effectively target their empirical and theoretical investigations. Our study systematizes the factors that influence organizational preparedness for and response to cybersecurity incidents. Through a systematic review of academic literature (n = 417) and non-scientific publications (n = 40), we derived the"Cybersecurity Incident Response Influencing Factor Taxonomy"(\textit{CIR-IF Taxonomy}). Existing empirical findings were classified within this taxonomy, providing a comprehensive and up-to-date overview of knowledge from the period 1999 to mid-2024. The taxonomy categories were systematically compared with seven established scientific frameworks and with the \textit{NIST Cyber Security Framework} elements referenced in the \textit{NIST Special Publication 800-61r3} incident response profile. The results of this comparison show that the \textit{CIR-IF Taxonomy} delivers a richer, more rigorous, and more systematically organized view of the factors that drive and shape incident response.