A BIBLIOMETRIC ANALYSIS OF CYBER SECURITY RISK DISCLOSURE

Lola Melindia; Yaeni Maryani; Fitri Pebrianti; Siti Jubaedah

doi:10.31435/ijite.2(50).2025.3386

Lola Melindia Faculty of Economics and Business, Universitas Swadaya Gunung Jati, Indonesia
Yaeni Maryani Faculty of Economics and Business, Universitas Swadaya Gunung Jati, Indonesia
Fitri Pebrianti Faculty of Economics and Business, Universitas Swadaya Gunung Jati, Indonesia
Siti Jubaedah Faculty of Economics and Business, Universitas Swadaya Gunung Jati, Indonesia

DOI: https://doi.org/10.31435/ijite.2(50).2025.3386

Keywords: Bibliometric Analysis, Cybersecurity Disclosure, Systematic Literature Review, Voluntary ‎Disclosure

Abstract

Along with experiencing significant financial losses due to data breaches in the company. To ‎attract stakeholders' attention, companies need to disclose the cyber risks they face. This study ‎aims to explain the progress and patterns in cyber risk disclosure and the variables that are often ‎associated with the practice. The research used a systematic literature review of 155 research ‎articles from Scopus (2020-2024) using the keywords cybersecurity disclosure in the fields of ‎computer science, social science, business management, accounting, economics, and finance. ‎Data was limited to English journal articles and analysed using bibliometric analysis with the ‎VOS viewer application. The results show that research on cyber risk disclosure in Scopus.com is ‎still limited, but shows an increasing trend in various countries' companies. The cited articles are ‎identified as references for future research. On accounting conceptualisations regarding the ‎voluntary disclosure of such corporate social responsibility information related to cyber risk ‎threats.‎

References

Agarwal, N., Agarwal, S., & Chatterjee, C. (2024). Data breach notification laws and the cost of private debt. British Accounting Review. https://doi.org/10.1016/j.bar.2024.101518

Agrafiotis, I., Nurse, J. R. C., Goldsmith, M., Creese, S., & Upton, D. (2018). A taxonomy of cyber-harms: Defining the impacts of cyber-attacks and understanding how they propagate. In Journal of Cybersecurity (Vol. 4, Issue 1). Oxford University Press. https://doi.org/10.1093/cybsec/tyy006

Alodat, A. Y., Hao, Y., Nobanee, H., Ali, H., Mansour, M., & Al Amosh, H. (2024). Board characteristics and cybersecurity disclosure: evidence from the UK. Electronic Commerce Research. https://doi.org/10.1007/s10660-024-09867-w

Beechey, M., Kyriakopoulos, K. G., & Lambotharan, S. (2021). Evidential classification and feature selection for cyber-threat hunting. Knowledge-Based Systems, 226. https://doi.org/10.1016/j.knosys.2021.107120

Boggini, C. (2024). Reporting cybersecurity to stakeholders: A review of CSRD and the EU cyber legal framework. Computer Law and Security Review, 53. https://doi.org/10.1016/j.clsr.2024.105987

Gao, L., Calderon, T. G., & Tang, F. (2020). Public companies’ cybersecurity risk disclosures. International Journal of Accounting Information Systems, 38. https://doi.org/10.1016/j.accinf.2020.100468

Gordon, L. A., & Loeb, M. P. (2006). Managing cybersecurity resources: A cost-benefit analysis (Vol. 1). McGraw-Hill.

Jeong, J. J., Grobler, M., Chamikara, M. A. P., & Rudolph, C. (2019). Fuzzy Logic Application to Link National Culture and Cybersecurity Maturity. https://geerthofstede.com/research-and-vsm/dimension-data-matrix/

Kamiya, S., Kang, J. K., Kim, J., Milidonis, A., & Stulz, R. M. (2021). Risk management, firm reputation, and the impact of successful cyberattacks on target firms. Journal of Financial Economics, 139(3), 719–749. https://doi.org/10.1016/j.jfineco.2019.05.019

Leuz, C., & Wysocki, P. (2016). The Economics of Disclosure and Financial Reporting Regulation: Evidence and Suggestions for Future Research. http://ssrn.com/abstract=2733831http://ssrn.com/abstract=2733831www.ecgi.org/wphttps://ssrn.com/abstract=2733831

Li, Y., & Liu, Q. (2021). A comprehensive review study of cyber-attacks and cyber security; Emerging trends and recent developments. Energy Reports, 7, 8176–8186. https://doi.org/10.1016/j.egyr.2021.08.126

Mazumder, M. M. M., & Hossain, D. M. (2023). Voluntary cybersecurity disclosure in the banking industry of Bangladesh: does board composition matter? Journal of Accounting in Emerging Economies, 13(2), 217–239. https://doi.org/10.1108/JAEE-07-2021-0237

Rizal, R., Selamat, S. R., Mas’ud, M. Z., & Widiyasono, N. (2025). Enhanced Readiness Forensic Framework for the Complexity of Internet of Things (IoT) Investigation Based on Artificial Intelligence. Journal of Advanced Research in Applied Sciences and Engineering Technology, 50(1), 121–135. https://doi.org/10.37934/araset.50.1.121135

Seid, E., Satheesh, S., Popov, O., & Blix, F. (2024). FAIR: Cyber Security Risk Quantification In Logistics Sector. Procedia Computer Science, 237, 783–792. https://doi.org/10.1016/j.procs.2024.05.166

Stempel, J. (2024, July 19). SolarWinds beats most of US SEC lawsuit over Russia-linked cyberattack. Reuters. https://www.reuters.com/legal/us-judge-dismisses-most-sec-lawsuit-against-solarwinds-concerning-cyberattack-2024-07-18/

Uslaner, J. D., & Brunetto, J. (2024, May 31). The SEC’s new cybersecurity disclosure rules decoded: what they mean for investors. Reuters. https://www.reuters.com/legal/legalindustry/secs-new-cybersecurity-disclosure-rules-decoded-what-they-mean-investors-2024-05-31/

Vostoupal, J., Stupka, V., Kasl, F., Loutocky, P., & Malinka, K. (2024). The Legal Aspects of Cybersecurity Vulnerability Disclosure: To the NIS 2 and beyond. https://www.enisa.europa.eu/topics/cybersecurity-policy/nis-directive-new