Bibliometric analysis of publications on cyber risks in the services sector




Bibliometric Analysis. Cyber Risks. Services Sector.


Objective: To explore the progress of scientific production on cyber risks that permeate the service sector, identifying relevant researchers and institutions on this theme, measuring the impact, and identifying trends, contributions, and knowledge gaps. In addition, the study seeks to use bibliometric findings to bring academic and managerial contributions to the subject.

Methodology: Bibliometric study, using the method of organization and systematization of information (Chueke & Amatucci, 2015; Guedes & Borschiver, 2015), whose structure followed the premises of the laws of Bradford, Lotka, and Zipf, using the scientific databases of the WoS - Web of Science. The bibliometric study enabled the performance of exploratory and descriptive research without the temporal cut, resulting in the identification of 115 publications (December 1995 to February 2023), which allowed measuring and presenting the characteristics and profile of the publications analyzed.

Originality: The study revealed a potential for exploring the theme of Cyber Risks in the Services sector, considering the scarcity of scientific production. It also enabled the identification of emerging trends and clusters in service sector activities and the creation of a conceptual model based on the findings of the analyzed publications.

Main results: The analyses revealed which sectors of the service economy are most frequently approached in publications related to the theme of cyber risks. These analyses were organized into ten areas, with the following order of relevance (frequency) of publication: Computer Science, Information Systems, Engineering, Business, Finance and Management, Telecommunications, Computer Science Theory Methods, and Computer Science Artificial Intelligence. The bibliometric findings enabled the creation of the conceptual model of Cyber Risks in Services, which proposes a cyclical and continuous improvement approach to deal with vulnerabilities, cyber threats, and consequences. This includes identifying and assessing existing vulnerabilities, implementing mitigation measures, and constantly monitoring threats and their consequences.

Theoretical contributions:  The conceptual model of Cyber Risks in Services can be a reference for researchers in various fields of action, considering the breadth of the services sector and the interdisciplinary nature of digital risk mitigation.

Managerial contributions: Understanding of cyber risks supports the ability of the organization to respond to them, strengthening its security posture and protecting its critical assets and information from cyber threats.


Download data is not yet available.

Author Biographies

Marcia C. Rossi, Universidade Presbiteriana Mackenzie

Pesquisadora em Recursos e Desenvolvimento Empresarial. Mestre em Controladoria Empresarial. Professora dos cursos de especialização em Controladoria Financeira e MBA em Gestão Estratégica Empresarial na Universidade Prebisteriana Mackenzie.

Gilberto Perez, Universidade Presbiteriana Mackenzie

Livre Docente pela Universidade de São Paulo (USP/FEA, 2022). Professor Adjunto do programa de Pós-Graduação Stricto Sensu em Administração (PPGA) na Universidade Presbiteriana Mackenzie.


Abbagnano, N. (2007). Dicionário de Filosofia, São Paulo: Martins Fontes.

Amanowicz, M., & Kamola, M. (2022). Building Security Awareness of Interdependent Services, Business Processes, and Systems in Cyberspace. Electronics, 11(22), 3835.

Brazil Agency. (2020). Serviços avançam e comércio cai como parcela do PIB desde 1947. Retrieved on february 01, 2023, from .

Barile, S., Grimaldi, M., Loia, F., & Sirianni, CA (2020). Technology, value Co-Creation and innovation in service ecosystems: Toward sustainable Co-Innovation. Sustainability, 12(7), 2759.

Biener, C., Eling, M., & Wirfs, JH (2015). Insurability of cyber risk: An empirical analysis. The Geneva Papers on Risk and Insurance-Issues and Practice, 40(1), 131-158.

Bodin, L. D., Gordon, L. A., Loeb, M. P., & Wang, A. (2018). Cybersecurity insurance and risk-sharing. Journal of Accounting and Public Policy, 37(6), 527-544.

Böhme, R., Laube, S., Riek, M. (2018). A fundamental approach to cyber risk analysis. Variance, 12 (2), 161–185.

Brewer, D. (2000). Risk assessment models and evolving approaches. IAAC Work. Retrieved January 29, 2023, from .

Cebula, JL, & Young, LR (2010). A taxonomy of operational cyber security risks. Carnegie-Mellon Univ Pittsburgh Pa Software Engineering Inst.

Chain Analysis (2021). The 2021 Crypto Crime Report – Everything you need to know about ransomware, darknet markets, and more. Retrieved January 28, 2023, from .

Chueke, GV., & Amatucci, M. (2015). O que é bibliometria? Uma introdução ao Fórum. Internext, 10(2), 1-5.

Conger, S., Pratt, JH., & Loch, K. D. (2013). Personal information privacy and emerging technologies. Information Systems Journal, 23(5), 401-417.

Desmarchelier, B., Djellal, F., & Gallouj, F. (2013). Knowledge intensive business services and long term growth. Structural Change and Economic Dynamics, 25, 188-205.

Durak, T. (2020). Innovation spaces: the new campus risk paradigm. In Challenges for Health and Safety in Higher Education and Research Organizations, pp. 304-336. Royal Society of Chemistry.

Egan, R., Cartagena, S., Mohamed, R., Gosrani, V., Grewal, J., Acaryya, M., ... & Ang, K. (2019). Cyber operational risk scenarios for insurance companies. British Actuarial Journal, 24.

Fang, E., Palmatier, RW, & Steenkamp, JBE (2008). Effect of service transition strategies on firm value. Journal of Marketing, 72(5), 1-14.

Fitzsimmons, JA, & Fitzsimmons, MJ (2014). Service Administration: Operations, Strategy and Information Technology. Amgh Publisher.

Funke, Martha. (2021). Empresas lançam soluções voltadas para riscos cibernéticos. Jornal Valor. Consultado em 28 de janeiro de 2023, em

Gadrey, J., Gallouj, F., & Weinstein, O. (1995). New modes of innovation: how services benefit industry. International Journal of Service Industry Management.

Gallouj, C. (1997). Asymmetry of information and the service relationship: selection and evaluation of the service provider. International Journal of Service Industry Management.

Gallouj, C. (2023). Information Economy, Knowledge Economy, Intangible and New Economy... What Next? In F. Gallouj, C. Gallouj, M. C. Monnoyer, & L. Rubalcaba (Eds.), Elgar Encyclopedia of Services (pp. 119-121). Edward Elgar Publishing.

Gallouj, F., & Djellal, F. (Eds.). (2011). The handbook of innovation and services: a multi-disciplinary perspective. Edward Elgar Publishing.

Ghorbani, HR, & Ahmadzadegan, MH (2017, November). Security challenges in internet of things: survey. In 2017 IEEE Conference on Wireless Sensors ( ICWiSe ), 1-6. IEEE.

Gil, AC (2002). Como elaborar projetos de pesquisa, vol. 4, p. 175. São Paulo: Atlas.

Gorla, N., & Somers, TM (2014). The impact of IT outsourcing on information systems success. Information & Management, 51(3), 320-335.

Guan, J., Cai, J., Bai, H., & You, I. (2021). Deep transfer learning-based network traffic classification for scarce dataset in 5G IoT systems. International Journal of Machine Learning and Cybernetics, 12(11), 3351-3365.

Guedes, V. L., & Borschiver, S. (2005). Bibliometria: uma ferramenta estatística para a gestão da informação e do conhecimento, em sistemas de informação, de comunicação e de avaliação científica e tecnológica. Encontro nacional de ciência da informação, 6(1), 18.

ISO/IEC (2014). ISO/IEC 27000:2014: Information technology – Security techniques – Information security management systems – Overview and vocabulary. International Organization for Standardization/International Electrotechnical Commission (ISO/IEC). Retrieved January 28, 2023, from

Johnson, D., Faulkner, E., Meredith, G., & Wilson, T. J. (2020). Police functional adaptation to the digital or post digital age: Discussions with cybercrime experts. The Journal of Criminal Law, 84(5), 427-450.

Kandjani, H., Wen, L., & Bernus, P. (2012). Enterprise architecture cybernetics for collaborative networks: Reducing the structural complexity and transaction cost via virtual brokerage. IFAC Proceedings, 45(6), pp. 1233-1239.

Kim, J. H. (2004). Cibernética, ciborgues e ciberespaço: notas sobre as origens da cibernética e sua reinvenção cultural. Horizontes antropológicos, 10, 199-219.

Klimburg, A. (Ed.). (2012). National cyber security framework manual. NATO Cooperative Cyber Defense Center of Excellence.

Kubota, LC. (2006). Inovação tecnológica das empresas de serviços no Brasil. In JA Negri, LC Kubota (Orgs.). Estrutura e dinâmica do setor de serviços no Brasil. Indivíduo. 2. Instituto de Pesquisa Econômica Aplicada. Brasília: IPEA, 35-72.

Lévy, P. (2000). Cibercultura. 2ª ed. São Paulo: Editora 34.

Liu, X., Ahmad, S. F., Anser, M. K., Ke, J., Irshad, M., Ul-Haq, J., & Abbas, S. (2022). Cyber security threats: A never-ending challenge for e-commerce, Front. Psychol., 19 October 2022, Sec. Organizational Psychology.

Mantha, B. R., & García de Soto, B. (2021). Assessment of the cybersecurity vulnerability of construction networks. Engineering, Construction and Architectural Management, 28(10), 3078-3105.

Melo, H. P. D., Rocha, F., Ferraz, G. T., Di Sabbato, A., & Dweck, R. H. (1998). O setor serviços no Brasil: uma visão global-1985/95.

McAfee (2021). What is malware? Retrieved January 28, 2023, from

McLeod, A., & Dolezel, D. (2018). Cyber-analytics: Modeling factors associated with healthcare data breaches. Decision Support Systems, 108, 57-68.

Metters, R. (2023). Service Operations. In F. Gallouj, C. Gallouj, M. C. Monnoyer, & L. Rubalcaba (Eds.), Elgar Encyclopedia of Services (pp. 183-185). Edward Elgar Publishing.

Mittal, B. (1999). The advertising of services: meeting the challenge of intangibility. Journal of Service Research, 2(1), 98-116.

NAIC (2018). Cybersecurity Risk Management. National Association of Insurance Commissioners (NAIC). Retrieved January 30, 2023, from

Neghina, DE, & Scarlat, E. (2012). Managing information technology security in the context of cyber crime trends. International journal of computers communications & control, 8(1), 97-104.

Nieuwesteeg, B., Visscher, L., & de Waard, B. (2018). The law and economics of cyber insurance contracts: a case study. European Review of Private Law, 26(3).

NIST - National Institute of Standards and Technology (2006). Minimum security requirements for federal information and information systems, Federal Information Processing Standards Publication FIPS PUB 200. National Institute of Standards and Technology (NIST), Gaithersburg, MD. Retrieved January 30, 2023, from .

Nordin, F., Kindström, D., Kowalkowski, C., & Rehme, J. (2011). The risks of providing services: Differential risk effects of the service‐development strategies of customisation, bundling, and range. Journal of Service Management, 22(3), 390-408.

Nonaka, I., o Nonaka, I., Ikujiro, N., & Takeuchi, H. (1995). The knowledge-creating company: How Japanese companies create the dynamics of innovation (Vol. 105). OUP USA.

Pal, R., Huang, Z., Lototsky, S., Yin, X., Liu, M., Crowcroft, J., ... & Nag, B. (2021). Will catastrophic cyber-risk aggregation thrive in the IoT age? A Cautionary Economics Tale for (Re-)Insurers and Likes. ACM Transactions on Management Information Systems (TMIS), 12(2), 1-36.

Powers, M. R. (2006). Pure vs speculative risk: False choice; sham marriage. The Journal of Risk Finance, 7(4), 345-347.

Raddats, C., Kowalkowski, C., Benedettini, O., Burton, J., & Gebauer, H. (2019). Servitization: A contemporary thematic review of four major research streams. Industrial Marketing Management, 83, 207-223.

Rajapathirana, RJ, & Hui, Y. (2018). Relationship between innovation capability, innovation type, and firm performance. Journal of Innovation & Knowledge, 3(1), 44-55.

Rifat, A., Nisha, N., & Iqbal, M. (2019). Predicting e-tax service adoption: Integrating perceived risk, service quality and TAM. Journal of Electronic Commerce in Organizations (JECO), 17(3), 71-100.

Rosati, P., Gogolin, F., & Lynn, T. (2022). Cyber-security incidents and audit quality. European Accounting Review, 31(3), 701-728.

Rubalcaba, L., & Solano, E. (2023). Services Economic Growth. In F. Gallouj, C. Gallouj, M. C. Monnoyer, & L. Rubalcaba (Eds.), Elgar Encyclopedia of Services (pp.92-94). Edward Elgar Publishing.

Saraiva, J. (2021). Novos hábitos fazem gastos com entrega crescerem 149% em 2020 . Jornal valor. suplementos. Consultado em 28 de janeiro de 2023, em ghtml .

Saridakis, G., Benson, V., Ezingeard, JN, & Tennakoon, H. (2016). Individual security information, user behavior and cyber victimization: An empirical study of social networking users. Technological Forecasting and Social Change, 102, 320-330.

Silva, W. R., & Nogueira, J. M. (2019). Ataques cibernéticos e medidas governamentais para combatê-los. O Comunicante, 9(1), 42-57.

Sipior, J. C., Lombardi, D. R., & Gabryelczyk, R. (2021). Information Technology Operational Risk: A Teaching Case. Journal of Computer Information Systems, 61(4), 328-344.

Stoshikj, M., Kryvinska, N., & Strauss, C. (2016). Service systems and service innovation: two pillars of service science. Procedia computer science, 83, 212-220.

Strupczewski, G. (2021). Defining cyber risk. Safety Science, 135, 105143.

United Nations Conference (2017). The role of the services economy and trade in structural transformation and inclusive development. Trade and Development Board. Geneva, July 2017. Retrieved January 28, 2023, from .

Van Eck, NJ, Waltman, L. (2020). VOSviewer Manual: Manual for VOSviewer version 1.6.17 . 25 November 2020. Universiteit Leiden/ CWTS. Retrieved January 28, 2023, from

Wiener, N. (1984). Cibernética e sociedade: o uso humano de seres humanos. São Paulo: Cultrix, 1984.

Wiener, N. (2017). Cibernética ou controle e comunicação no animal e na máquina . Tradução de Gita K. Guinsburgl. 1st ed. São Paulo: Perspective

World Economic Forum. (2012). Global risks 2012. Seventh edition, Insight Report, Geneva.

Younan, M., Houssein, EH, & Ali, AA (2020). Challenges and recommended technologies for the industrial internet of things: A comprehensive review. Measurement, v. 151.

Zeithaml, VA (2017). Excelência em atendimento. Saraiva Educação SA.



How to Cite

Rossi, M. C., & Perez, G. (2023). Bibliometric analysis of publications on cyber risks in the services sector. Revista Ibero-Americana De Estratégia, 22(1), e23846 .