Information security: Critical review and future directions for research

Purpose: The purpose of this literature review is to analyze current trends in information security and suggest future directions for research. Design/methodology/approach: The authors used literature review to analyze 1,588 papers from 23 journals and 5 conferences. Findings: The authors identified 164 different theories used in 684 publications. Distribution of research methods showed that the subjective-argumentative category accounted for 81 per cent, whereas other methods got very low focus. This research offers implications for future research directions on information security. They also identified existing knowledge gaps and how the existing themes are studied in academia. Research limitations/implications: The literature review did not include some dedicated security journals (i.e. Cryptography). Practical implications: The study reveals future directions and trend that the academia should consider. Originality/value: Information security is top concern for organizations, and this research analyzed how academia dealt with the topic since 1977. Also, the authors suggest future directions for research suggesting new research streams. © Emerald Group Publishing Limited 0968-5227.