CYBERSECURITY IN FINANCIAL INSTITUTIONS: A BIBLIOMETRIC AND THEMATIC ANALYSIS OF GLOBAL RESEARCH (2000–2025)

Authors

DOI:

https://doi.org/10.18623/rvd.v22.n7.3815

Keywords:

Cybersecurity, Fintech, Bibliometric Analysis, Financial Institutions

Abstract

Cybersecurity has become a central element of operational risk in the financial sector, where rapid digitalization and increasingly interconnected technologies expose institutions to sophisticated cyber threats. This study offers a bibliometric and content-based analysis of cybersecurity research in banking and insurance, drawing on 2,005 publications indexed in the Web of Science (2000–2025) and analyzed using the Bibliometrix R package. The findings show steady growth in research output, driven by regulatory developments, technological innovation, and the expansion of digital financial services. The literature remains highly dispersed, with limited source concentration and uneven patterns of international collaboration: high-output countries such as the United States and India exhibit comparatively low collaboration ratios, whereas smaller contributors, including Saudi Arabia and Australia, show stronger global integration. Thematic clusters reveal three principal research fronts: AI-enabled threat detection, institutional cybersecurity governance, and fintech-related security issues. Despite this expansion, empirical gaps persist, particularly regarding the effectiveness of cybersecurity investments and the limited attention given to the insurance sector. The study’s reliance on English-language WoS data and bibliometric methods represents a key limitation. Overall, the results highlight cybersecurity as a strategic priority for financial systems and underscore the need for more interdisciplinary, empirically grounded, and internationally coordinated research.

References

Ahmad, A., Maynard, S. B., Desouza, K. C., Kotsias, J., Whitty, M. T., & Baskerville, R. L. (2021). How can organizations develop situation awareness for incident response: A case study of management practice. Computers & Security, 101, 102122. https://doi.org/10.1016/j.cose.2020.102122

Al-Alawi, A. I., & Al-Bassam, M. S. A. (2020). The significance of cybersecurity system in helping managing risk in banking and financial sector. Journal of Xidian University, 14(7), 1523-1536. https://doi.org/10.37896/jxu14.7/174

Alzoubi, H. M., Ghazal, T. M., Hasan, M. K., Alketbi, A., Kamran, R., Al-Dmour, N. A., & Islam, S. (2022, May). Cyber security threats on digital banking. In 2022 1st International Conference on AI in Cybersecurity (ICAIC) (pp. 1-4). IEEE. https://doi.org/10.1109/ICAIC53980.2022.9896966

Aria, M., & Cuccurullo, C. (2017). bibliometrix: An R-tool for comprehensive science mapping analysis. Journal of informetrics, 11(4), 959-975. https://doi.org/10.1016/j.joi.2017.08.007

Arroyabe, M. F., Arranz, C. F., De Arroyabe, I. F., & de Arroyabe, J. C. F. (2024). Exploring the economic role of cybersecurity in SMEs: A case study of the UK. Technology in Society, 78, 102670. https://doi.org/10.1016/j.techsoc.2024.102670

Barcellos-Paula, L., Gil-Lafuente, A. M., & Merigó, J. M. (2025). Research on cybersecurity and business: A bibliometric review (2004-2023). Cuadernos de Gestión, 25(1), 19-36. https://doi.org/10.5295/cdg.242288lb

Biener, C., Eling, M., & Wirfs, J. H. (2015). Insurability of cyber risk: An empirical analysis. The Geneva Papers on Risk and Insurance-Issues and Practice, 40(1), 131-158. https://doi.org/10.1057/gpp.2014.19

Bouveret, A. (2018). Cyber risk for the financial sector: A framework for quantitative assessment. International Monetary Fund. https://doi.org/10.5089/9781484360750.001

Brando, Danny and Kotidis, Antonis and Kovner, Anna and Lee, Michael and Schreft, Stacey L., Implications of Cyber Risk for Financial Stability (May 1, 2022). FEDS Notes No. 2022-05-12. https://doi.org/10.17016/2380-7172.3077

Brho, M., Jazairy, A., & Glassburner, A. V. (2025). The finance of cybersecurity: Quantitative modeling of investment decisions and net present value. International Journal of Production Economics, 279, 109448. https://doi.org/10.1016/j.ijpe.2024.109448

Cavusoglu, H., Mishra, B., & Raghunathan, S. (2004). The effect of internet security breach announcements on market value: Capital market reactions for breached firms and internet security developers. International Journal of Electronic Commerce, 9(1), 70-104. https://doi.org/10.1080/10864415.2004.11044320

Crisanto, J., Umebara, P., & Prenio, A. (2023). Banks’ cyber security–a second generation of regulatory approaches. Financial Stability Institute FSI Insights on Policy Implementation, (50). https://www.bis.org/fsi/publ/insights50.pdf

Darem, A. A., Alhashmi, A. A., Alkhaldi, T. M., Alashjaee, A. M., Alanazi, S. M., & Ebad, S. A. (2023). Cyber threats classifications and countermeasures in banking and financial sector. IEEe Access, 11, 125138-125158. https://doi.org/10.1109/ACCESS.2023.3327016

Davis, F. D. (1989). Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS quarterly, 319-340. https://doi.org/10.2307/249008

Gordon, L. A., & Loeb, M. P. (2002). The economics of information security investment. ACM Transactions on Information and System Security (TISSEC), 5(4), 438-457. https://doi.org/10.1145/581271.581274

Herath, T., & Rao, H. R. (2009). Protection motivation and deterrence: a framework for security policy compliance in organisations. European Journal of information systems, 18(2), 106-125. https://doi.org/10.1057/ejis.2009.6

Kaffenberger, L., & Kopp, E. (2019). Cyber risk scenarios, the financial system, and systemic risk assessment. Carnegie Endowment for International Peace. https://carnegie-production-assets.s3.amazonaws.com/static/files/Kaffenberger_Cyber_Risk_Scenarios_final1.pdf

Markopoulou, D., Papakonstantinou, V., & De Hert, P. (2019). The new EU cybersecurity framework: The NIS Directive, ENISA's role and the General Data Protection Regulation. Computer Law & Security Review, 35(6), 105336. https://doi.org/10.1016/j.clsr.2019.06.007

Matejka, V., Soto, J., & Franco, M. (2021). A framework for the definition and analysis of cyber insurance requirements. Master Project, University of Zurich, Communication Systems Group, Department of Informatics, Zurich, Switzerland. https://files.ifi.uzh.ch/CSG/staff/franco/extern/theses/MAP-VM-JAHS.pdf

Pacelli, V. (2025). Systemic Risk and Complex Networks in Modern Financial Systems (p. 412). Springer Nature. https://doi.org/10.1007/978-3-031-64916-5

Page, M. J., McKenzie, J. E., Bossuyt, P. M., Boutron, I., Hoffmann, T. C., Mulrow, C. D., ... & Moher, D. (2021). The PRISMA 2020 statement: an updated guideline for reporting systematic reviews. bmj, 372.

Rashid, Z., Noor, U., & Altmann, J. (2021). Economic model for evaluating the value creation through information sharing within the cybersecurity information sharing ecosystem. Future Generation Computer Systems, 124, 436-466. https://doi.org/10.1016/j.future.2021.05.033

Sheehan, B., Murphy, F., Kia, A. N., & Kiely, R. (2021). A quantitative bow-tie cyber risk classification and assessment framework. Journal of Risk Research, 24(12), 1619-1638. https://doi.org/10.1080/13669877.2021.1900337

Uddin, M. H., Ali, M. H., & Hassan, M. K. (2020). Cybersecurity hazards and financial system vulnerability: a synthesis of literature. Risk Management, 22(4), 239-309. https://doi.org/10.1057/s41283-020-00063-2

Woods, D. W., & Böhme, R. (2021). SoK: Quantifying cyber risk. In 2021 IEEE Symposium on Security and Privacy (SP) (pp. 211-228). IEEE. https://doi.org/10.1109/SP40001.2021.00053

World Economic Forum. 2025. The Global Risks Report 2025 – 20th Edition. Available at: <https://reports.weforum.org/docs/WEF_Global_Risks_Report_2025.pdf>

Downloads

Published

2025-12-19

How to Cite

Pekarčík, M., Sopko, J., & Šafár, L. (2025). CYBERSECURITY IN FINANCIAL INSTITUTIONS: A BIBLIOMETRIC AND THEMATIC ANALYSIS OF GLOBAL RESEARCH (2000–2025). Veredas Do Direito, 22, e223815. https://doi.org/10.18623/rvd.v22.n7.3815

Issue

Vol. 22 (2025): Veredas do Direito, v. 22, 2025

Section

Articles

License

I (we) submit this article which is original and unpublished, of my (our) own authorship, to the evaluation of the Veredas do Direito Journal, and agree that the related copyrights will become exclusive property of the Journal, being prohibited any partial or total copy in any other part or other printed or online communication vehicle dissociated from the Veredas do Direito Journal, without the necessary and prior authorization that should be requested in writing to Editor in Chief. I (we) also declare that there is no conflict of interest between the articles theme, the author (s) and enterprises, institutions or individuals.

I (we) recognize that the Veredas do Direito Journal is licensed under a CREATIVE COMMONS LICENSE.

 

Licença Creative Commons Attribution 3.0