Mapping the Landscape of Information Security Risk Management Research: A Bibliometric Analysis Using VOS Viewer and Power BI

Norshima Humaidi; Nurhafizah Zainal; Amirul Afif Muhamat

doi:10.2478/ias-2025-0006

.blurhash-client-img { display: none !important; }

Mapping the Landscape of Information Security Risk Management Research: A Bibliometric Analysis Using VOS Viewer and Power BI

Journal of Information Assurance and Security

Volume 20 (2025): Issue 2 (September 2025)

By: Norshima Humaidi, Nurhafizah Zainal and Amirul Afif Muhamat

Open Access

|Sep 2025

Abstract

Effective risk management is crucial for businesses to mitigate a wide array of threats. This paper conducts a bibliometric analysis of information security risk management literature spanning two decades, from 2000 to early 2025. Using the Web of Science (WoS) database, 418 English-language journal articles were reviewed. Visualizations using VOS viewer and Power BI offer insights into publication trends, co-citations, keywords, authors, journals and contributing countries. The analysis identifies four thematic clusters reflecting key areas in information security risk management research. The findings highlight significant growth in this field over the past 25 years, with expectations for continued international expansion and knowledge advancement.

References

World Economic Forum. (2024, October 22). Why strong cybersecurity means we must reduce complexity. https://www.weforum.org/stories/2024/10/strong-cybersecurity-reduce-complexity-risk-cyber/
Search in Google Scholar Back to article
Selangor Journal. (2023, July 10). Rise of cybersecurity threats a significant concern — PM. https://selangorjournal.my/2023/07/rise-of-cybersecurity-threats-a-significant-concern-pm/
Search in Google Scholar Back to article
Syed, B., & Shahid, M. (2022). Impact of information security management system on firm financial performance: Perspective of corporate reputation and branding. American Journal of Industrial and Business Management, 12(5), 934–954. doi:10.4236/ajibm.2022.125048.
Open DOI Search in Google Scholar Back to article
Xie, X., Wu, Y., Palacios-Marqués, D., & Ribeiro-Navarrete, S. (2022). Business networks and organizational resilience capacity in the digital age during COVID-19: A perspective utilizing organizational information processing theory. Technological Forecasting and Social Change, 177, 121548. https://doi.org/10.1016/j.techfore.2022.121548
Search in Google Scholar Back to article
Mavani, C., Patel, R., Mistry, H., & Goswami, A. (2024). The role of cybersecurity in protecting intellectual property. International Journal on Recent and Innovation Trends in Computing and Communication, 12(2), 529–538.
Search in Google Scholar Back to article
Jacqueline, J., Luky, P. W., & Anastasia, F. I. (2024). The impact of intangible asset and research and development on firm value. Journal of Accounting, Entrepreneurship and Financial Technology (JAEF), 5(2). https://doi.org/10.37715/jaef.v5i2.4553
Search in Google Scholar Back to article
Norris, B. (2024, May 8). Intangible asset value higher than tangible but protection gap persists. Commercial Risk. https://www.commercialriskonline.com/intangible-asset-value-higher-than-tangible-but-protection-gap-persists/
Search in Google Scholar Back to article
Ikrissi, G., & Mazri, T. (2021). IOT-based smart environments: State of the art, security threats and solutions. The International Archives of the Photogrammetry, Remote Sensing and Spatial Information Sciences, XLVI-4/W5-2021(4), 279–286. https://doi.org/10.5194/isprs-archives-xlvi-4-w5-2021-279-2021
Search in Google Scholar Back to article
Pawel, K. (2021). Human factor aspects in information security management in the traditional IT and cloud computing models. Operations Research and Decisions, 1, 62–76. https://doi.org/10.37190/ord210104
Search in Google Scholar Back to article
Meiser, L. C., Nguyen, B. H., Chen, Y.-J., Nivala, J., Strauss, K., Ceze, L., & Grass, R. N. (2022). Synthetic DNA applications in information technology. Nature Communications, 13(1), 352. https://doi.org/10.1038/s41467-021-27846-9
Search in Google Scholar Back to article
Alzoubi, N. (2024). Using information technology management with artificial intelligence techniques. Journal of Lifestyle and SDGs Review, 5(2), e03013. https://doi.org/10.47172/2965-730x.sdgsreview.v5.n02.pe03013
Search in Google Scholar Back to article
Metin, B., Duran, S., Telli, E., Mutluturk, M., Wynn, M. (2024). IT risk management: Towards a system for enhancing objectivity in asset valuation that engenders a security culture. Information, 15(55), 1–27. https://doi.org/10.3390/info15010055
Search in Google Scholar Back to article
Pretorius, R., & Blaauw, D. (2022). Digital risk management: Investigating human-factor security with a Behaviorist Approach. International Conference on Cyber Warfare and Security, 17(1), 513–521. https://doi.org/10.34190/iccws.17.1.64
Search in Google Scholar Back to article
Birchwood University. (2024). Zero trust vs. traditional network security: What’s the difference? Birchwood University. Retrieved from https://www.birchwoodu.org/zero-trust-vs-traditional-network-security/
Search in Google Scholar Back to article
Security Info Watch. (2024). Traditional IT security vs. cloud security: Which approach is right for your business? Security Info Watch. Retrieved from https://www.securityinfowatch.com/cybersecurity/information-security/article/21089929/traditional-it-security-vs-cloud-security-which-approach-is-right-for-your-business
Search in Google Scholar Back to article
Al-Dosari, K., & Fetais, N. (2023). Risk-management framework and information-security systems for small and medium enterprises (SMEs): A Meta-Analysis Approach. Electronics, 12(17), 3629. https://doi.org/10.3390/electronics12173629
Search in Google Scholar Back to article
Brunner, M., Sauerwein, C., Felderer, M., & Breu, R. (2020). Risk management practices in information security: Exploring the status quo in the DACH region. Computers & Security, 92, 101776. https://doi.org/10.1016/j.cose.2020.101776
Search in Google Scholar Back to article
Whitman, M., & Mattord, H. (2021). A Model Curriculum for Programs of Study in Information Security/Cybersecurity March 2021. https://www.kennesaw.edu/coles/centers/cyber-center/resources/docs/model-curriculum-2021
Search in Google Scholar Back to article
Alsafwani, N., Fazea, Y., & Alnajjar, F. (2024). Strategic approaches in network communication and information security risk assessment. Information, 15(6), 353. https://doi.org/10.3390/info15060353
Search in Google Scholar Back to article
Kitsios, F., Chatzidimitriou, E., & Kamariotou, M. (2022). Developing a risk analysis strategy framework for impact assessment in information security management systems: A case study in IT consulting industry. Sustainability, 14(3), 1269. https://doi.org/10.3390/su14031269
Search in Google Scholar Back to article
Sharma, D., Mittal, R., Sekhar, R., Shah, P., & Renz, M. (2023). A bibliometric analysis of cyber security and cyber forensics research. Results in Control and Optimization, 10, 100204. https://doi.org/10.1016/j.rico.2023.100204
Search in Google Scholar Back to article
Arroyabe, M. F., Arranz, C. F., De Arroyabe, J. C. F., & Fernandez, I. (2024). Digitalization and Cybersecurity in SMEs: A Bibliometric analysis. Procedia Computer Science, 237, 80–87. https://doi.org/10.1016/j.procs.2024.05.082
Search in Google Scholar Back to article
Guembe, B., Misra, S., Azeta, A., & Lopez-Baldominos, I. (2025). Bibliometric analysis of artificial intelligence cyberattack detection models. Artificial Intelligence Review, 58(6). https://doi.org/10.1007/s10462-025-11167-0
Search in Google Scholar Back to article
Judijanto, L., Endrianto, E., & Vandika, A. Y. (2024). Mapping the Cybersecurity Research through Bibliometric Analysis. West Science Information System and Technology, 2(03), 374–382. https://doi.org/10.58812/wsist.v2i03.1534
Search in Google Scholar Back to article
Erdoğan, M., & Akmeşe, Ö. F. (2025). Bibliometric analysis of studies on cyber crimes between 2000–2023. ADBA Computer Science, 2(1), 19–29. https://doi.org/10.69882/adba.cs.2025014
Search in Google Scholar Back to article
Broadus, R. N. (1987). Toward a definition of ‘bibliometrics.’ Scientometrics, 12(5–6), 373–379. https://doi.org/10.1007/BF02016680
Search in Google Scholar Back to article
Pritchard, A. (1969). Statistical bibliography or bibliometrics? Journal of Documentation, 25, 348–349.
Search in Google Scholar Back to article
Donthu, N., Kumar, S., Mukherjee, D., Pandey, N., & Lim, W. M. (2021). How to conduct a bibliometric analysis: An overview and guidelines. Journal of Business Research, 133, 285–296. https://doi.org/10.1016/j.jbusres.2021.04.070
Search in Google Scholar Back to article
Merigó, J. M., Pedrycz, W., Weber, R., & de la Sotta, C. (2018). Fifty years of Information Sciences: A bibliometric overview. Information Sciences, 432, 245–268. https://doi.org/10.1016/j.ins.2017.11.054
Search in Google Scholar Back to article
Seuring, S., Müller, M., Westhaus, M., & Morana, R. (2005). Conducting a literature review—the example of sustainability in supply chains. In Research Methodologies in Supply Chain Management, 91–106.
Search in Google Scholar Back to article
Dohale, V., Gunasekaran, A., Akarte, M. M., & Verma, P. (2020). Twenty-five years’ contribution of “Benchmarking: an International Journal” to manufacturing strategy: a scientometric review. Benchmarking: An International Journal, 27(10), 2887–2908. https://doi.org/10.1108/BIJ-05-2019-0208.
Search in Google Scholar Back to article
Qudah, S. M. A. A., Fuentes-Bargues, J. L., & Ferrer-Gisbert, P. S. (2024). Bibliometric analysis of the literature on risk management in the construction sector: Exploring current and future trends. Ain Shams Engineering Journal, 15(8), 102843. https://doi.org/10.1016/j.asej.2024.102843
Search in Google Scholar Back to article
Li, J., Goerlandt, F., & Reniers, G. (2021). An overview of scientometric mapping for the safety science community: Methods, tools, and framework. Safety Science, 134, 105093. https://doi.org/10.1016/j.ssci.2020.105093
Search in Google Scholar Back to article
Van Eck, N. J., & Waltman, L. (2010). Software survey: VOS viewer, a computer program for bibliometric mapping. Scientometrics, 84(2), 523–538. https://doi.org/10.1007/s11192-009-0146-3
Search in Google Scholar Back to article
Domański, Jarosław, “Risk categories and risk management processes in nonprofit organizations.” Foundations of Management, vol. 8, no. 1, pp. 227–42, Jan., 2016. https://doi.org/10.1515/fman-2016-0018.
Search in Google Scholar Back to article
Couce-Vieira, Aitor, et al., (2017). GIRA: A General Model for Incident Risk Analysis. Journal of Risk Research, 22(2), 191–208. https://doi.org/10.1080/13669877.2017.1372509.
Search in Google Scholar Back to article
Yaacoub, J. A., Noura, H. N., Salman, O., & Chehab, A. (2021). Robotics cyber security: vulnerabilities, attacks, countermeasures, and recommendations. International Journal of Information Security, 21(1), 115–158. https://doi.org/10.1007/s10207-021-00545-8
Search in Google Scholar Back to article
Dube, D. P., & Mohanty, R. (2018). Towards development of a Cyber Security Capability Maturity Model (CSCMM). International Journal of Business Information Systems, 34(1). https://doi.org/10.1504/ijbis.2020.10014790
Search in Google Scholar Back to article
Porwal, S., Nair, S. K., & Dimitrakos, T. (2011). Regulatory Impact of Data Protection and Privacy in the Cloud. In S. Porwal, S. K. Nair, & T. Dimitrakos, IFIP advances in information and communication technology (p. 290). Springer Science+Business Media. https://doi.org/10.1007/978-3-642-22200-9_23
Search in Google Scholar Back to article
Chawki, M. (2024). An effective cloud computing model enhancing privacy in cloud computing. Information Security Journal a Global Perspective, 1–24. https://doi.org/10.1080/19393555.2024.2307637
Search in Google Scholar Back to article
Asiri, N. (2024). Security and privacy issues in Cloud Storage. In N. Asiri, arXiv (Cornell University). Cornell University. https://doi.org/10.48550/arxiv.2401.04076
Search in Google Scholar Back to article
Chen, H., & Hai, Y. (2024). Exploring the critical success factors of information security management: a mixed-method approach. Information and Computer Security, 32(5), 545–572. https://doi.org/10.1108/ics-03-2023-0034
Search in Google Scholar Back to article

Articles in this issue

DOI: https://doi.org/10.2478/ias-2025-0006 | Journal eISSN: 1554-1029 | Journal ISSN: 1554-1010

Journal RSS Feed

Language: English

Page range: 86 - 105

Published on: Sep 12, 2025

Published by: Cerebration Science Publishing Co., Limited

In partnership with: Paradigm Publishing Services

Publication frequency: 6 issues per year

Keywords:

Bibliometrics,

Information Security,

WoS,

Related subjects:

Fundamentals of computer sciences,

Theoretical computer sciences,

IT-security and cryptology

© 2025 Norshima Humaidi, Nurhafizah Zainal, Amirul Afif Muhamat, published by Cerebration Science Publishing Co., Limited
This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 License.

Volume 20 (2025): Issue 2 (September 2025)