Understanding and measuring the impact of cyberattacks on businesses: a systematic literature review

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review


This chapter undertakes a systematic literature review to understand how cyberattacks affect businesses, what are the literature gaps and what future research is needed to better understand the state-of-the art in the cybersecurity field for stakeholders. With the onset of the COVID-19 pandemic, cyberattacks continue to grow in frequency and severity. This has caused a wide range of critical damages to business, ranging from financial losses, reputation harm, decrease in productivity, disruption of operations to total failure of the whole business processes. However, there is a lack of consensus on which business aspects are affected by cyberattacks and how to measure such impact. Inconsistent measuring methods would hinder the justification of cybersecurity investment in practice and mitigation of cyber risks in the future. This chapter, therefore, aims to contribute to the stilldeveloping area of cyberattacks from the perspective of impact measurement. The findings could provide practical insights for researchers and practitioners not only to identify contemporary research trends, key authors, methods, and barriers, but also to recognise future research directions and encourage the consideration of appropriate solutions in the field.
Original languageEnglish
Title of host publicationCybersecurity for Decision Makers
EditorsNarasimha Vajjhala, Kenneth Strang
Place of PublicationUSA
PublisherCRC Press
ISBN (Print)9781032334974
Publication statusPublished - 20 Jul 2023


  • cyberattack
  • impact analysis
  • systematic literature review
  • indirect costs
  • decision making
  • cybersecurity


Dive into the research topics of 'Understanding and measuring the impact of cyberattacks on businesses: a systematic literature review'. Together they form a unique fingerprint.

Cite this