Cybersecurity and Strategic Management

Abstract


Introduction
As more and more businesses move their operations online, cybercriminals are beginning to stake their claim in the digital realm, which imposes high costs on the economy1 .Cyber security emerged as a countermeasure to protect the online environment from cyber-attacks, damage, improper use, and economic espionage.The perception of cyber security has shifted from being just an "IT issue" alone to being a "strategic management issue" and to being a "techno-legal-management issue" due to the ever-increasing sophistication of cybercrime in its attack approaches and techniques (Mantha, García de Soto, 2021).Even though technology is developing rapidly, human is still the primary doer and plays a vital role in controlling the process of securing a country from attacks and threats.We cannot fully depend on technology because of its drawbacks such as false decision, lack of transparency, or overreliance.It is in line with the goal of "Society 5.0", a strategic model that has been initiated in Japan and focuses on balancing human and technology.A "5.0 society" is an "intelligence society" in which physical space and cyberspace are highly intertwined.The relation between Industry 4.0 and Society 5.0 are related ideas that talk about how cutting-edge technologies are used in business and in society as a whole.Society 5.0 calls for a deeper integration of technology to create a human-centered society that addresses social issues and creates new economic value.Industry 4.0, on the other hand, focuses on digitizing and automating manufacturing processes.Balancing social and societal problems is a complex and ongoing challenge that requires a multifaceted approach.The first solution to be concerned is stakeholder engagement.Engaging with stakeholders, including customers, employees, investors, and community groups, can help organizations to understand the social and societal issues that matter to them.Overall, balancing social and societal problems requires a comprehensive approach that considers the impact of an organization's actions on a wide range of stakeholders.The previous studies analyzed the relationship between cyber security and management but focused on the era of industry 4.0, cyber-physical systems, enterprises, and public policy implications (Alahmari, Duncan 2020;Kharchenko et al. 2019;Kure et al., 2018).However, this study will try to emphasize the relationship between cyber security in management and society 5.0.In addition, the inclusion of new technologies in cyberspace, such as artificial intelligence (AI), machine learning (ML), data analytics, cloud computing, quantum cryptography, and the Internet of Things (IoT), has made cybersecurity a complex domain that requires more in-depth research in order to keep up with the growth of cybercrime (Sobb et al., 2020).As a result of ongoing trends and difficulties, the global market for cyber security has expanded dramatically, and it is anticipated that it will reach approximately 259 billion USD by the year 2025 (Dhawan et al., 2021).The nature of research into cyber security technologies, systems, and concerns has shifted to become more interdisciplinary and international in scope since the national threats mostly come from outside the countries.In a broader sense, the following are some of the areas that fall under the theme of cyber security research: management; critical infrastructure; risk assessment; risk management; economics; investments; information services; public works; decision-making; human resources; and education.When searching for prior research on cyber security in management through the Scopus database, it becomes clear that the body of written work in this field is seeing a rapid expansion.Therefore, the author has been constructed the following research questions: 1.What is the relationship between the keywords of cybersecurity and management in terms of co-occurrence? 2. What are the dynamics of the concept in the field of cybersecurity?

Methods
This study employed a quantitative method by using the bibliometrics analysis technique.This study's analysis and mining process would draw on the Scopus database as one of the most extensive incredible databases (Mongeon, Paul-Hus, 2016).nIn the search strategy, the author divided the keywords into two topics.The first keyword typed in the Scopus database was relevant to "Cyber security".Afterward, it was followed by the "management" keyword in the next topic.Before the filter was applied, the search result revealed that there were 3.285 documents.However, since the author was only interested in the advancement of cyber security in management from articles and because the language was filtered into English, the author additionally focused on narrowing the keywords in the final articles of a journal to tighten the results.The final result was 780 articles found in the Scopus database.
The following keywords were constructed to explore the data through the aforementioned database on the 23 rd of August 2022 and gained 780 data from Scopus: (TITLE-ABS-KEY ("cyber security*") AND TITLE-ABS-KEY (management*)) AND (LIMIT-TO (PUBSTAGE, "final")) AND (LIMIT-TO (DOCTYPE , "ar") ) AND (LIMIT-TO (LANGUAGE , "english")) AND (LIMIT-TO (SRCTYPE , "j")) In this analysis, the chosen number of documents was 5, and the result of thresholds was 314 out of 5663 keywords.Similar to the co-occurrence network analysis, this quantitative analysis will deeply analyze the evolution of thematic words used since the first research linked with "cyber security" and "management".
In the method section, the data will be refined using software named Openrefine to filter and unite similar terminology but in different spellings.Furthermore, the data visualization will use VOSviewer, R programming, and Draw.io to highlight the results.Through the VOSviewer visualization process, the author found some similar words which could be united into one terminology.The table 1 gives a list of words that have been associated.
The next section will portray the scope of keywords related to cyber security in management based on the co-occurrence, thematic evolution, publication distribution, and co-citation analysis to decipher the research development contribution.

Co-occurrence analysis (network analysis)
The following visualization describes the clusters shown by cyber security, which are divided into 7 clusters based on colors such as yellow, sea blue, dark blue, green, purple, orange, and red.The author observed from figure 1 that the term "cyber security" widely spreads in the yellow and red clusters, with the highest number of items.Based on the figure, the keyword "Cyber security" is highly and closely linked with "Network security." "Cyber security" occurred up to 532, and "network security" reached 172 occurrences.Along with the co-occurrence result, the total link strength of "Cyber security" was also the highest, up to 2930, and the total link strength of "network security" was up to 1334.The aforementioned clusters were connected to many interesting links to other keywords such as investments, human, critical infrastructure, information services, decision-making, public policy, risk management, and economics.It provided sophisticated previous research about risk management in cyber security.With the previous research statement, every country and scientist agree that a cyber security management model is needed to secure critical infrastructures such as internet voting systems, banking systems, and energy infrastructure.There is no role model of the cyber security management paradigm, yet many governments recognize the necessity to secure their essential resources (Katsikeas et al., 2021).
To this end, the keyword "cyber security" was also highly linked to "human, " which will relate to human management in handling cyber security.The role of human management in handling cyber security focused on the decision of how to handle cyber threats in the right way or strategy.Over 39% of security concerns are tied to the human aspect, and 95% of successful cyber-attacks are generated by human error, mostly insider threats.Lack of user understanding of cyber risks is a severe cybersecurity issue (Alsharif et al., 2021).However, the author will also highlight the keywords.

Thematic evolution of Cyber Security in Management
This study will analyze the keywords' trends based on co-occurrence and thematic evolution in the field of cyber security in management.The author was analyzed with thematic evolution visualization and three field plots of visualization.It stated that the words' evolution mainly occurred in computer security, cyber security, and electric power transmission networks, and the themes correlate to computer security, female, human, network security, automation, cyber security, information systems, and air traffic control.
In conformity with the results, the author could dissect that cyber security now has automation, computer security, information systems, and network security and is still correlated with cyber security.The relation of cyber security (1999-2019) and cyber security (2020-2022) in the Scopus database were resulting several words such as cyber security, cyber threats, personal computing, internet of things, risk perception, security management, resource allocation, and complex networks that highly occurred up to 203 occurrences.It  raised the overview that the development of technology hit up the topic of cyber security (Marcantoni et al., 2022;Morgan et al., 2022).The discussions of Cyber security issues started near 19802 .The first start theme in Scopus related to cyber security was in 1999 and continued hitherto.Furthermore, cyber security is in tandem with the word "security management".Cyber security management is concerned with reducing uncertainties and managing risks perceived by a security system (Mouti et al., 2022).One of the key objectives of cybersecurity management is to reduce uncertainties associated with security risks.This involves identifying potential risks, evaluating the likelihood of their occurrence, and assessing the potential impact on the organization.By doing so, cybersecurity managers can prioritize risks and allocate resources to those areas that are most vulnerable or likely to be targeted by attackers.
Another important aspect of cybersecurity management is risk management.This involves developing strategies to manage risks associated with cybersecurity threats.Risk management strategies can include implementing security controls, such as firewalls, antivirus software, and intrusion detection systems, to prevent or detect security breaches.It can also include developing incident response plans to ensure that the organization can respond effectively to a security incident.
Based on the findings of the three field plots, a threefield plot, also known as a Sankey diagram, is used to illustrate the most influential authors, the most popular keywords plus, and the most influential affiliations.
Based on the Scopus database, this graph demonstrates a sequence of links between data in a flow.It describes the association between the strongest and heaviest linkages between factors such as journals, keywords, and the most influential or relevant researchers in the field.Liu Z., Wang I., and Masacci F. were the individuals who had the most vital links to the keyword "cyber security, " which is notable.These three authors all have contributions in the same second heavier link; one of those contributions has the keyword "risk management." The connection between "cyber security" and De Montfort University is the most robust one, which suggests that the university is responsible for including the vast majority of publications that contain this keyword.It is something that can be seen by following the flow from the keyword field to the section of the journal.Because of this, it is possible to emphasize the growth of cyber security research by using the primary bibliometric findings, which served as the basis for a literature analysis that zeroed in on the most significant concerns.Additionally, the bibliometric data revealed increased interest in studying cyber security and risk management strategies to protect against cyberattacks.

Discussion
This section will draw on the discussions of the result analysis vis-à-vis the most contemporary issues flanked on the topic of cyber security and management.
The prior results slightly portrayed the relationship between cyber security and strategic management, including investments, humans, critical infrastructure, information services, decision-making, and economics.

Cyber Security and Investments
A country's investment in cyber security is crucial since cyber-attacks could come physically or digitally (Li, Liu, 2021).Currently, most economic, commercial, cultural, social, and governmental activities and interactions of countries at all levels, including individuals, non-governmental organizations, government, and governmental institutions, are carried out in cyberspace of micro-grid.These activities and interactions can be dissected into several categories: commercial, cultural, social, and economic (Aghajani, Ghadimi, 2018).The focus of national security in investments is on optimizing the work units and how the country could secure itself from a cyber-attack.This issue created a particular unit for handling cyber security as a crucial investment.Before the establishment of cyber security unit, cyber-attacks' cases are the responsibility of an intelligence agency in technological deputy.
Nevertheless, the technological deputy in intelligence is very opponent with the deputy of cyber security in intelligence.It could be stated that technological unit is only responsible for the technical technology problems but cyber security deputy covers and blends the cyber security of national intelligence.

Figure 2. Risk Management Co-occurrence Analysis
Another reason for establishing cyber security deputies is the spread of fake news in society, especially in a political context.Fake news and its relevance held the importance of altering numerous aspects of diverse entities, ranging from a city problem to a country's global relativity.Various approaches are available to collect and determine fake news (Dutta et al., 2023).Primary research stated that the rise of fake news is begun from digital sources and social media (Alsuliman et al., 2022;Isa et al., 2022).Many studies have been developed on methods to improve rumor classification, particularly misinformation detection on social media, with promising results in recent years.Cyber security has seven pillars of cyber resilience: patient, persistent, preserving, proactive, predictive, preventive, and preemptive (Carayannis et al., 2021).
Preventive and preemptive measures are critical cornerstones of cyber resilience.Both attempt to mitigate cyber threats and secure an organization's essential assets and systems, but their approaches differ.Preventive measures are intended to keep cyberattacks from happening in the first place.These procedures seek to detect vulnerabilities and put in place security safeguards to keep cybercriminals from abusing them.Firewalls, access controls, encryption, and antivirus software are examples of preventive measures.These techniques contribute to reducing the attack surface and making it more difficult for cybercriminals to breach an organization's defenses.
Preemptive are intended to anticipate and prevent cyberattacks before they occur.These are more proactive methods that entail taking action based on intelligence and threat assessments.Threat hunting, penetration testing, and vulnerability assessments are examples of preventive approaches.These techniques assist firms in identifying and mitigating possible vulnerabilities before cybercriminals may exploit them.In summary, preventative measures are intended to avert assaults, whereas preemptive measures are intended to anticipate and prevent attacks before they occur.
The implementation of ambidextrous cybersecurity involves balancing the need for strong cybersecurity defenses with the need for agility and flexibility in responding to cyber threats.This can be achieved by incorporating the seven pillars (7Ps) of cyber resilience into an organization's cybersecurity strategy.To implement ambidextrous cybersecurity, organizations should first assess their current cybersecurity posture and identify areas where they may be vulnerable to cyber threats.They should then develop a comprehensive cybersecurity strategy that incorporates both defensive and adaptive measures, using the 7Ps framework as a guide.Table 2 lists some key steps to implementing ambidextrous cybersecurity.

Action Description
Develop a risk management plan.This involves identifying critical assets, systems, and data, and assessing the risks associated with them.This information can be used to develop a risk management plan and prioritize cybersecurity investments.

Implement security controls.
This involves implementing security controls, such as firewalls, access controls, and encryption, to prevent or mitigate cyber threats.This pillar focuses on protecting critical assets and systems from unauthorized access or use.

Implement monitoring and detection tools.
This involves implementing tools and processes to detect cybersecurity incidents as they occur.This can include intrusion detection systems, security monitoring tools, and incident response plans.
Develop an incident response plan.This pillar focuses on developing and implementing an incident response plan to contain, mitigate, and recover from cybersecurity incidents.This involves developing procedures for responding to incidents, such as isolating affected systems, preserving evidence, and notifying relevant stakeholders.
Develop a recovery plan.This involves developing a recovery plan to restore systems and data following a cybersecurity incident.This may involve restoring data from backups, rebuilding systems, or implementing new security controls to prevent future incidents.
Continuously assess and update cybersecurity strategies.
This pillar focuses on continually assessing and updating cybersecurity strategies to address new and emerging threats.This may involve updating risk management plans, implementing new security controls, or providing employee training to address new threats.
Develop a communication plan.This involves developing a communication plan to inform stakeholders about cybersecurity incidents, risks, and responses.This may involve communicating with employees, customers, partners, and regulators to ensure that they are aware of cybersecurity risks and measures in place to address them.

Table 2. Key Steps to Implementing Ambidextrous Cybersecurity
Previously the police department of cyber security and corporate security services prevented the development of majority cyber-attacks.However, the main focus of police agencies is on the function of repressive prevention or law enforcement, yet in cyber security, intelligence will focus on preemptive function (Kopotun et al., 2020).Therefore, the cyber security deputy in intelligence is a step of strategy to secure all the attacks on the nation3 .

Cyber Security and Human Resource
The strong connections between cyber security and human resource are fundamental (Mitrofanova et al., 2017).The rising digitization of most technologies we use in our personal and professional life makes cyberattacks a hazard for governments or corporations and ordinary people.It is common practice to consider humans the weakest link in the cyber security chain.It is because any technical security solution is still susceptible to failures caused by human mistakes (Gratian et al., 2018).The human resource in cyber security must master not only technology, including software or hardware, but also cyberspace and cyberculture and should be trained under the intelligence agency (Pollini et al., 2022).Meanwhile, the recruiting procedure used in the national Cyber Security Intelligence agency is considered too academically oriented.It places a greater emphasis on academic qualification than on the overall quality of a candidate, and it does not consider academic qualifications.The requirements of the human resource who work with cyber security are gaining a bachelor's degree, especially in informatics.However, since the era's development, human resource requirements have expanded to the soft skills of visual communication design, culture studies, and culture and media studies that require the staff to combine some skills and academic backgrounds (Furnell, Bishop 2020;Scanlan et al., 2020).Figure 5 presents the overview of the skills required for the intelligence staff in the cyber security department.
In and research Human resources can contribute significantly to cybersecurity by educating and raising awareness, recruiting and hiring qualified personnel, creating effective policies and procedures, ensuring compliance, and participating in incident response.By working together, human resources and cybersecurity teams can create a robust cybersecurity culture that helps prevent cyber attacks and safeguard critical infrastructure.

Cyber security and critical infrastructure
Even though the public and private sectors spend millions of dollars a year on technologies, security software, and hardware devices that will raise the level of cyber security within their companies, these companies are still susceptible to cyber-attacks.The primary issue with the current state of affairs is that computer network security is still typically regarded as a technical component or piece of technology that can be readily installed within an organization.That implementation will guarantee computer network security.This mentality needs to shift since, in today's world, ensuring network security involves more than just using the appropriate technologies (Limba et al., 2017).Modern Industrial Control Systems (ICS) manages many vital activities worldwide.A typical ICS incorporates computerized devices, control systems, and networking appliances to manage industrial processes over broad geographic areas.ICS supports vital national infrastructures like water treatment, energy production, and transportation.A successful attack  can shut down the infrastructure, causing industrial stoppages or safety issues for people, the environment, and assets.Similarly, operating a process when the infrastructure is under assault or corrupted has potentially catastrophic safety implications (Catota et al., 2019;Firoozjaei et al., 2022).Hence, a country must develop a good critical infrastructure for security, such as building advanced laboratories (de Soto et al., 2022).In this case, Cyber-Physical Systems (CPS) are the world's critical infrastructure and could affect human life in the future.In recent years, CPS has seen a rise in connections, which has raised cybersecurity concerns.Aside from classic information system vulnerabilities, CPS has new issues due to heterogeneous devices and protocols and stringent reliability requirements (Michalec et al., 2022).The critical infrastructure could be formed as laboratories for practice, intelligence school and training, qualified departments and materials, and cyber-physical systems (Qi et al., 2018;Quincozes et al., 2022).In developing the critical infrastructure, establishing a new school department, innovative campus, and medical intelligence could strengthen national security from cyber-attacks or national threats.Therefore, the development of critical infrastructure needs a system of Public-private Partnership (PPP) to mitigate the risk against critical infrastructure and manage the quality of the infrastructure.Critical infrastructure is also related to how governments and private businesses understand their roles in raising the degree of national cybersecurity.It discovered a disjunction between what each side expects from the other side in building advanced national security (Carr, 2016;Watanabe, 2019).Cybersecurity is vital for safeguarding critical infrastructure against cyber assaults.Critical infrastructure refers to physical and digital systems that are necessary for civilization to function, such as power grids, transportation systems, water supply systems, and communication networks.These systems are interrelated and interdependent, and disturbances in one can have serious consequences in others.Table 3 provides some examples of how cybersecurity might help secure vital infrastructure: Cyber security and information services IT implementation in most areas of the state, economy, and society offers various potentials for automating management operations and increasing the efficiency and quality of rendered services (Boiko et al., 2019;Rahiman et al., 2021).Unawareness of reverse sociotechnical dangers can lead to an unsuspecting employee leaking critical corporate data or compromising information security.Even though programmed systems can detect phishing emails and websites, they are not 100% accurate (Mantha, García de Soto, 2021).Technological solutions will not guard against cyber dangers or attacks like phishing.Hence, companies must acquire procedures to protect individuals from phishing risks, attacks and strategies to raise awareness.Information and data security awareness help prevent social engineering attacks.Information and data security management need constant vigilance (Rajan et al., 2021).Critical infrastructure systems are subject to a variety of regulations, including the NIST Cybersecurity Framework, which provides guidance for implementing cybersecurity safeguards to protect critical infrastructure systems.In the case of a cyber attack or other cybersecurity issue, a well-designed incident response plan can help guarantee that critical infrastructure systems are safeguarded and the incident's impact is reduced.

Cyber security and decision making
Source: authors.
Table 3.Some applications of cybersecurity for protecting vital infrastructure ligence to result in the information (Zyoud, Fuchs-Hanusch, 2017).Intelligence experts use behavioral decision theory to improve intelligence and counterintelligence decision-making.Orthodox and behavioral decision theory also presents decision as a prioritization effort inside a demarcated problem space where the probability of sum to one (Alemany et al., 2023;Misuri et al., 2019;Phillips, 2022).Based on the presented results, the information services are highly related to decision-making, situational awareness, information sharing, risk assessment, and artificial intelligence.It gives an overview of the information processing in the cyber security field that there are several cycle steps of filtering information by using artificial intelligence to decide the final information (Table 4).

Cyber security with risk management and assessment
To this end, the relation of cyber security and risk management and assessment field are closely related since it is relevant to considering critical infrastructure and policy decisions.In planning an infrastructure for cyber security, the head of intelligence examines the risk assessment and management to build economic dynamics, intelligence applications, or education.Risk assessment methods are widely used to analyze the prediction of future dynamics situations, especially in cyber-attacks or threats such as in cyber-physical systems, cyber safety, human resource, and economic activities (Kure et al., 2018;Michalec et al., 2022;Mitrofanova et al., 2017b;Rosado et al., 2022).One of the examples of the relationship between cyber security in this risk assessment and management is in economics.Cyberspace indicators are a big part of the indicators used to measure a country's progress and GDP.The economics of cyber-security analyzes cyber-security challenges, such as PACS (Privacy and Cyber Security) adoption.Most evaluations focus on cost-benefit trade-offs encountered by rational market participants, strategic behavior, and market outcomes regarding participant welfare.Cyber-security risk assessment encompasses firms, customers, government, and adversaries.It also analyzes market mechanisms, market failures, and the economic impact of regulation on cyber-security.Security risks drive cyber-security economics (Jentzsch, 2018).Risk management strategy could also defend the national threats which consist of conflicts that include multiple nation-states, political protesters, insider trading, espionage that is supported by a state.(McEvoy, Kowalski, 2019) In analyzing and defeating the cyber security risks, various risk management tools are applied4 .These methods can be a further recommendation for further research related to cyber security and management in empirical research.

Conclusion
Cyber security is a crucial issue that must be addressed by all enterprises, regardless of size, industry, or location, according to the conclusion of the cyber security and its strategic management topic.In order to defend their assets, data, and reputation from the increasing frequency and sophistication of cyber attacks, organizations must adopt a comprehensive and proactive approach to cyber security.Successful cyber security necessitates a comprehensive and unified strategy that incorporates people, procedures, and technology.
Our article analyzes the trends in the evolution of research on cybersecurity and its relationship to key aspects of strategic corporate management, including investments in infrastructure and human capital.
It is shown that a key aspect of cybersecurity remains dealing with people as the most vulnerable link in the Table 4. Steps of filtering information by using artificial intelligence to decide the final information Step Description

Collecting information
The intelligent members gained information from two sides: available information from any sources such as social media, media, news, and societal issues and close information from its agents or intelligence members (Hautamaki, Kokkonen 2020).It should be noted that intelligence information must have three patent prerequisites: fast, precise, and accurate.

Artificial intelligence
An artificial intelligence machine will then process it to learn and decide from the collected data.

Expert judgments
The decision-making of information processing is considered and filtered by the experts before deciding the final information.

Situational awareness
Since the ever-increasing complexity of the dynamics of cyber threats, it is currently more complicated than it has ever been for enterprises to acquire in-depth insights into their current state of cyber security.As a result, businesses rely on Cyber Situational Awareness (CSA) to assist them in gaining a deeper comprehension of the dangers posed by cyber events and the consequences these threats can have (Jiang et al., 2022).Situational awareness is one of the re-checking phases of information.The head of intelligence will analyze referring the current urgent situation.If the information that has been decided is not urgent or possibly inaccurate, the information processing will be refined through a similar process.

Figure 3 .
Figure 3. Thematic evolution map and three fields plot

Figure 5 .
Figure 5. Skills Needed for Сyber Security Staff
damage critical infrastructure systems and create widespread outages, jeopardizing individual and community safety and security.Cybersecurity measures can assist avoid these attacks by identifying vulnerabilities and putting mitigation measures in place.Ensure system availabilityTo protect the safety and well-being of individuals and communities, critical infrastructure systems must be available and operational at all times.Cybersecurity measures can assist in ensuring that systems are available and secure against cyber threats.