Bibliometric analysis of publications on cyber risks in the services sector
Keywords:Bibliometric Analysis. Cyber Risks. Services Sector.
Objective: To explore the progress of scientific production on cyber risks that permeate the service sector, identifying relevant researchers and institutions on this theme, measuring the impact, and identifying trends, contributions, and knowledge gaps. In addition, the study seeks to use bibliometric findings to bring academic and managerial contributions to the subject.
Methodology: Bibliometric study, using the method of organization and systematization of information (Chueke & Amatucci, 2015; Guedes & Borschiver, 2015), whose structure followed the premises of the laws of Bradford, Lotka, and Zipf, using the scientific databases of the WoS - Web of Science. The bibliometric study enabled the performance of exploratory and descriptive research without the temporal cut, resulting in the identification of 115 publications (December 1995 to February 2023), which allowed measuring and presenting the characteristics and profile of the publications analyzed.
Originality: The study revealed a potential for exploring the theme of Cyber Risks in the Services sector, considering the scarcity of scientific production. It also enabled the identification of emerging trends and clusters in service sector activities and the creation of a conceptual model based on the findings of the analyzed publications.
Main results: The analyses revealed which sectors of the service economy are most frequently approached in publications related to the theme of cyber risks. These analyses were organized into ten areas, with the following order of relevance (frequency) of publication: Computer Science, Information Systems, Engineering, Business, Finance and Management, Telecommunications, Computer Science Theory Methods, and Computer Science Artificial Intelligence. The bibliometric findings enabled the creation of the conceptual model of Cyber Risks in Services, which proposes a cyclical and continuous improvement approach to deal with vulnerabilities, cyber threats, and consequences. This includes identifying and assessing existing vulnerabilities, implementing mitigation measures, and constantly monitoring threats and their consequences.
Theoretical contributions: The conceptual model of Cyber Risks in Services can be a reference for researchers in various fields of action, considering the breadth of the services sector and the interdisciplinary nature of digital risk mitigation.
Managerial contributions: Understanding of cyber risks supports the ability of the organization to respond to them, strengthening its security posture and protecting its critical assets and information from cyber threats.
Abbagnano, N. (2007). Dicionário de Filosofia, São Paulo: Martins Fontes.
Amanowicz, M., & Kamola, M. (2022). Building Security Awareness of Interdependent Services, Business Processes, and Systems in Cyberspace. Electronics, 11(22), 3835.
Brazil Agency. (2020). Serviços avançam e comércio cai como parcela do PIB desde 1947. Retrieved on february 01, 2023, from https://agenciabrasil.ebc.com.br/economia/noticia/2020-12/servicos-avancam-e-comercio-recua-na-participacao-no-pib-desde-1947 .
Barile, S., Grimaldi, M., Loia, F., & Sirianni, CA (2020). Technology, value Co-Creation and innovation in service ecosystems: Toward sustainable Co-Innovation. Sustainability, 12(7), 2759.
Biener, C., Eling, M., & Wirfs, JH (2015). Insurability of cyber risk: An empirical analysis. The Geneva Papers on Risk and Insurance-Issues and Practice, 40(1), 131-158.
Bodin, L. D., Gordon, L. A., Loeb, M. P., & Wang, A. (2018). Cybersecurity insurance and risk-sharing. Journal of Accounting and Public Policy, 37(6), 527-544.
Böhme, R., Laube, S., Riek, M. (2018). A fundamental approach to cyber risk analysis. Variance, 12 (2), 161–185.
Brewer, D. (2000). Risk assessment models and evolving approaches. IAAC Work. Retrieved January 29, 2023, from www.gammassl.co.uk/research/archives/events/IAAC.php .
Cebula, JL, & Young, LR (2010). A taxonomy of operational cyber security risks. Carnegie-Mellon Univ Pittsburgh Pa Software Engineering Inst.
Chain Analysis (2021). The 2021 Crypto Crime Report – Everything you need to know about ransomware, darknet markets, and more. Retrieved January 28, 2023, from https://go.chainalysis.com/rs/503-FAP-074/images/Chainalysis-Crypto-Crime-2021.pdf .
Chueke, GV., & Amatucci, M. (2015). O que é bibliometria? Uma introdução ao Fórum. Internext, 10(2), 1-5.
Conger, S., Pratt, JH., & Loch, K. D. (2013). Personal information privacy and emerging technologies. Information Systems Journal, 23(5), 401-417.
Desmarchelier, B., Djellal, F., & Gallouj, F. (2013). Knowledge intensive business services and long term growth. Structural Change and Economic Dynamics, 25, 188-205.
Durak, T. (2020). Innovation spaces: the new campus risk paradigm. In Challenges for Health and Safety in Higher Education and Research Organizations, pp. 304-336. Royal Society of Chemistry.
Egan, R., Cartagena, S., Mohamed, R., Gosrani, V., Grewal, J., Acaryya, M., ... & Ang, K. (2019). Cyber operational risk scenarios for insurance companies. British Actuarial Journal, 24.
Fang, E., Palmatier, RW, & Steenkamp, JBE (2008). Effect of service transition strategies on firm value. Journal of Marketing, 72(5), 1-14.
Fitzsimmons, JA, & Fitzsimmons, MJ (2014). Service Administration: Operations, Strategy and Information Technology. Amgh Publisher.
Funke, Martha. (2021). Empresas lançam soluções voltadas para riscos cibernéticos. Jornal Valor. Consultado em 28 de janeiro de 2023, em https://valor.globo.com/publicacoes/suplementos/noticia/2021/03/25/empresas-lancam-solucoes-voltadas-a-riscos-ciberneticos.ghtml
Gadrey, J., Gallouj, F., & Weinstein, O. (1995). New modes of innovation: how services benefit industry. International Journal of Service Industry Management.
Gallouj, C. (1997). Asymmetry of information and the service relationship: selection and evaluation of the service provider. International Journal of Service Industry Management.
Gallouj, C. (2023). Information Economy, Knowledge Economy, Intangible and New Economy... What Next? In F. Gallouj, C. Gallouj, M. C. Monnoyer, & L. Rubalcaba (Eds.), Elgar Encyclopedia of Services (pp. 119-121). Edward Elgar Publishing.
Gallouj, F., & Djellal, F. (Eds.). (2011). The handbook of innovation and services: a multi-disciplinary perspective. Edward Elgar Publishing.
Ghorbani, HR, & Ahmadzadegan, MH (2017, November). Security challenges in internet of things: survey. In 2017 IEEE Conference on Wireless Sensors ( ICWiSe ), 1-6. IEEE.
Gil, AC (2002). Como elaborar projetos de pesquisa, vol. 4, p. 175. São Paulo: Atlas.
Gorla, N., & Somers, TM (2014). The impact of IT outsourcing on information systems success. Information & Management, 51(3), 320-335.
Guan, J., Cai, J., Bai, H., & You, I. (2021). Deep transfer learning-based network traffic classification for scarce dataset in 5G IoT systems. International Journal of Machine Learning and Cybernetics, 12(11), 3351-3365.
Guedes, V. L., & Borschiver, S. (2005). Bibliometria: uma ferramenta estatística para a gestão da informação e do conhecimento, em sistemas de informação, de comunicação e de avaliação científica e tecnológica. Encontro nacional de ciência da informação, 6(1), 18.
ISO/IEC (2014). ISO/IEC 27000:2014: Information technology – Security techniques – Information security management systems – Overview and vocabulary. International Organization for Standardization/International Electrotechnical Commission (ISO/IEC). Retrieved January 28, 2023, from https://www.iso.org/standard/63411.html
Johnson, D., Faulkner, E., Meredith, G., & Wilson, T. J. (2020). Police functional adaptation to the digital or post digital age: Discussions with cybercrime experts. The Journal of Criminal Law, 84(5), 427-450.
Kandjani, H., Wen, L., & Bernus, P. (2012). Enterprise architecture cybernetics for collaborative networks: Reducing the structural complexity and transaction cost via virtual brokerage. IFAC Proceedings, 45(6), pp. 1233-1239.
Kim, J. H. (2004). Cibernética, ciborgues e ciberespaço: notas sobre as origens da cibernética e sua reinvenção cultural. Horizontes antropológicos, 10, 199-219.
Klimburg, A. (Ed.). (2012). National cyber security framework manual. NATO Cooperative Cyber Defense Center of Excellence.
Kubota, LC. (2006). Inovação tecnológica das empresas de serviços no Brasil. In JA Negri, LC Kubota (Orgs.). Estrutura e dinâmica do setor de serviços no Brasil. Indivíduo. 2. Instituto de Pesquisa Econômica Aplicada. Brasília: IPEA, 35-72.
Lévy, P. (2000). Cibercultura. 2ª ed. São Paulo: Editora 34.
Liu, X., Ahmad, S. F., Anser, M. K., Ke, J., Irshad, M., Ul-Haq, J., & Abbas, S. (2022). Cyber security threats: A never-ending challenge for e-commerce, Front. Psychol., 19 October 2022, Sec. Organizational Psychology.
Mantha, B. R., & García de Soto, B. (2021). Assessment of the cybersecurity vulnerability of construction networks. Engineering, Construction and Architectural Management, 28(10), 3078-3105.
Melo, H. P. D., Rocha, F., Ferraz, G. T., Di Sabbato, A., & Dweck, R. H. (1998). O setor serviços no Brasil: uma visão global-1985/95.
McAfee (2021). What is malware? Retrieved January 28, 2023, from https://www.mcafee.com/en-us/antivirus/malware.html
McLeod, A., & Dolezel, D. (2018). Cyber-analytics: Modeling factors associated with healthcare data breaches. Decision Support Systems, 108, 57-68.
Metters, R. (2023). Service Operations. In F. Gallouj, C. Gallouj, M. C. Monnoyer, & L. Rubalcaba (Eds.), Elgar Encyclopedia of Services (pp. 183-185). Edward Elgar Publishing.
Mittal, B. (1999). The advertising of services: meeting the challenge of intangibility. Journal of Service Research, 2(1), 98-116.
NAIC (2018). Cybersecurity Risk Management. National Association of Insurance Commissioners (NAIC). Retrieved January 30, 2023, from https://content.naic.org/consumer/cybersecurity.htm.
Neghina, DE, & Scarlat, E. (2012). Managing information technology security in the context of cyber crime trends. International journal of computers communications & control, 8(1), 97-104.
Nieuwesteeg, B., Visscher, L., & de Waard, B. (2018). The law and economics of cyber insurance contracts: a case study. European Review of Private Law, 26(3).
NIST - National Institute of Standards and Technology (2006). Minimum security requirements for federal information and information systems, Federal Information Processing Standards Publication FIPS PUB 200. National Institute of Standards and Technology (NIST), Gaithersburg, MD. Retrieved January 30, 2023, from https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.200.pdf .
Nordin, F., Kindström, D., Kowalkowski, C., & Rehme, J. (2011). The risks of providing services: Differential risk effects of the service‐development strategies of customisation, bundling, and range. Journal of Service Management, 22(3), 390-408.
Nonaka, I., o Nonaka, I., Ikujiro, N., & Takeuchi, H. (1995). The knowledge-creating company: How Japanese companies create the dynamics of innovation (Vol. 105). OUP USA.
Pal, R., Huang, Z., Lototsky, S., Yin, X., Liu, M., Crowcroft, J., ... & Nag, B. (2021). Will catastrophic cyber-risk aggregation thrive in the IoT age? A Cautionary Economics Tale for (Re-)Insurers and Likes. ACM Transactions on Management Information Systems (TMIS), 12(2), 1-36.
Powers, M. R. (2006). Pure vs speculative risk: False choice; sham marriage. The Journal of Risk Finance, 7(4), 345-347.
Raddats, C., Kowalkowski, C., Benedettini, O., Burton, J., & Gebauer, H. (2019). Servitization: A contemporary thematic review of four major research streams. Industrial Marketing Management, 83, 207-223.
Rajapathirana, RJ, & Hui, Y. (2018). Relationship between innovation capability, innovation type, and firm performance. Journal of Innovation & Knowledge, 3(1), 44-55.
Rifat, A., Nisha, N., & Iqbal, M. (2019). Predicting e-tax service adoption: Integrating perceived risk, service quality and TAM. Journal of Electronic Commerce in Organizations (JECO), 17(3), 71-100.
Rosati, P., Gogolin, F., & Lynn, T. (2022). Cyber-security incidents and audit quality. European Accounting Review, 31(3), 701-728.
Rubalcaba, L., & Solano, E. (2023). Services Economic Growth. In F. Gallouj, C. Gallouj, M. C. Monnoyer, & L. Rubalcaba (Eds.), Elgar Encyclopedia of Services (pp.92-94). Edward Elgar Publishing.
Saraiva, J. (2021). Novos hábitos fazem gastos com entrega crescerem 149% em 2020 . Jornal valor. suplementos. Consultado em 28 de janeiro de 2023, em https://valor.globo.com/publicacoes/suplementos/noticia/2021/06/29/novos-habitos-fazem-gastos-com-entregas-crescerem-149-em-2020. ghtml .
Saridakis, G., Benson, V., Ezingeard, JN, & Tennakoon, H. (2016). Individual security information, user behavior and cyber victimization: An empirical study of social networking users. Technological Forecasting and Social Change, 102, 320-330.
Silva, W. R., & Nogueira, J. M. (2019). Ataques cibernéticos e medidas governamentais para combatê-los. O Comunicante, 9(1), 42-57.
Sipior, J. C., Lombardi, D. R., & Gabryelczyk, R. (2021). Information Technology Operational Risk: A Teaching Case. Journal of Computer Information Systems, 61(4), 328-344.
Stoshikj, M., Kryvinska, N., & Strauss, C. (2016). Service systems and service innovation: two pillars of service science. Procedia computer science, 83, 212-220.
Strupczewski, G. (2021). Defining cyber risk. Safety Science, 135, 105143.
United Nations Conference (2017). The role of the services economy and trade in structural transformation and inclusive development. Trade and Development Board. Geneva, July 2017. Retrieved January 28, 2023, from https://unctad.org/system/files/official-document/c1mem4d14_en.pdf .
Van Eck, NJ, Waltman, L. (2020). VOSviewer Manual: Manual for VOSviewer version 1.6.17 . 25 November 2020. Universiteit Leiden/ CWTS. Retrieved January 28, 2023, from https://www.vosviewer.com/documentation/Manual_VOSviewer_1.6.16.pdf.
Wiener, N. (1984). Cibernética e sociedade: o uso humano de seres humanos. São Paulo: Cultrix, 1984.
Wiener, N. (2017). Cibernética ou controle e comunicação no animal e na máquina . Tradução de Gita K. Guinsburgl. 1st ed. São Paulo: Perspective
World Economic Forum. (2012). Global risks 2012. Seventh edition, Insight Report, Geneva.
Younan, M., Houssein, EH, & Ali, AA (2020). Challenges and recommended technologies for the industrial internet of things: A comprehensive review. Measurement, v. 151.
Zeithaml, VA (2017). Excelência em atendimento. Saraiva Educação SA.
How to Cite
Copyright (c) 2023 Autores
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
The author (s) authorize the publication of the manuscript in the journal;
The author (s) guarantee that the contribution is original and unpublished and that it is not being evaluated in another journal (s);
The journal is not responsible for the opinions, ideas and concepts emitted in the texts, as they are the sole responsibility of its author (s);
Editors reserve the right to make textual adjustments and adapt to the publication's rules.
Authors retain the copyright and grant the journal the right to first publication, with the work simultaneously licensed under the Creative Commons Attribution License - 4.0 (CC BY-NC-SA 4.0) that allows the sharing of the work with acknowledgment of authorship and initial publication in this magazine.
Authors are authorized to assume additional contracts separately, for non-exclusive distribution of the version of the work published in this journal (eg, publishing in institutional repository or as a book chapter), with acknowledgment of authorship and initial publication in this journal.
Authors are allowed and encouraged to publish and distribute their work online (eg in institutional repositories or on their personal page) at any point before or during the editorial process, as this can generate productive changes, as well as increase impact and citation of the published work (see “The Effect of Open Access” at http://opcit.eprints.org/oacitation-biblio.html).
Authors can use ORCID for identification. An ORCID identifier is unique to an individual and acts as a persistent digital identifier to ensure that authors (particularly those with relatively common names) can be distinguished and their work appropriately assigned.