Cybersecurity Research in Accounting Information Systems: A Review and Framework

The study of cybersecurity issues plays a fundamental role in accounting information systems (AIS) research. However, as the importance of cybersecurity has continued to grow in other disciplines, such as computer science and management information systems, it has become less clear what is distinct about AIS-based cybersecurity research, what unique insights AIS research has contributed to the study of cybersecurity, and what promising directions for AIS research into cybersecurity remain untapped. In order to answer these questions, we perform a literature review covering 56 articles published in 11 AIS-oriented journals. We find four distinct, yet related, categories of research inquiry: cybersecurity risks and threats, cybersecurity controls, cybersecurity-related assurance, and cybersecurity breaches. In highlighting the key insights uncovered from these four areas, we frame "what we know," as well as "what remains to be learned," by outlining a detailed proposal of future research opportunities for AIS researchers.