Exploring Incentives and Challenges for Cybersecurity Intelligence Sharing (CIS) across Organizations: A Systematic Review

Abstract

Cybersecurity intelligence sharing (CIS) has gained significance as an organizational function to protect critical information assets, manage cybersecurity risks, and improve cybersecurity operations. However, few studies have synthesized accumulated scholarly knowledge on CIS practices across disciplines. Synthesizing the pertinent literature through a structured literature review, we investigated the incentives and challenges that influence organizations around adopting CIS practices. We used the overarching TOE framework to categorize these factors and propose a theoretical framework to establish common ground for future studies. We also developed a holistic and inclusive definition for cybersecurity intelligence that we present in the paper. We found 46 papers on CIS in different disciplines and analyzed them to answer our research questions. We identified 35 factors that we classified according to the TOE framework. With this paper, we facilitate further theory development by overviewing theories that researchers can use as a basis for CIS studies, suggesting future directions, providing a reference source, and developing a reference CIS framework for IS scholars.