Elements of Strategic Planning in Cybersecurity: A Systematic Literature Review of Malaysian Agencies
摘要
Given the increasing sophistication of global cyber-attacks, developing strong cybersecurity capabilities and a resilient posture is now critically important. Cybersecurity leaders in public and private sector organizations need to think strategically to be able to withstand such attacks. This systematic literature review examines the core elements of strategic thinking in cybersecurity, synthesizing insights from academic and industry sources. The review incorporates studies retrieved from two major online databases: IEEE Xplore, and Scopus. From the review, key elements of strategic thinking in cybersecurity were identified which include Effective Governance and Management, Legislative and Regulatory Framework, Compliance and Enforcement, Culture of Security and Capacity Building, Public-Private Collaboration, Research and Development Towards Self-Reliance, Cybersecurity Technology Framework and Cybersecurity Emergency Readiness. These elements are reframed not merely as outcomes of strategic planning, but as enablers of cognitive and forward-looking processes central to strategic thinking. The findings provide actionable insights for policymakers and practitioners, bridging gaps between strategic thinking and implementation in the evolving cybersecurity landscape.