Cybersecurity Risk Management Frameworks in the Oil and Gas Sector: A Systematic Literature Review

Huma Imran*, Mohamed Salama, Colin Turner, Sherif Fattah

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)


Oil and gas industry is an important part of the country’s critical infrastructure that employs sophisticated equipment, tools, assets and specialized interdisciplinary knowledge. In order to improve productivity and efficiency, there is an increasing trend in the industry towards digital transformation. This, as a result has increased cyber vulnerabilities and threats in the oil and gas industry. Fear of cyberattacks is particularly high in oil and gas organization as they are part of critical infrastructure. They face a wide spectrum of threats due to the complex nature of their value chain. Different frameworks have been developed in different sector to address the cyber risk management. But unfortunately, enough research hasn’t been done in the oil and gas sector. To address this gap, a rigorous and methodical approach was applied to conduct a systematic literature review of original frameworks, peer reviewed articles, book chapters and conference papers related to 25 most commonly used frameworks, after performing a thorough search in the four major databases such as AAPG, Web of Science, SCOPUS, and ProQuest. The main aim of this paper is to conduct systematic literature review on the cybersecurity risk management frameworks available in literature that guides the practice of cyber risk management in the oil and gas projects. The findings of this paper illuminates key research gaps, strengths, and limitations of these frameworks, and help to identify directions for further research.

Original languageEnglish
Title of host publicationAdvances in Information and Communication. FICC 2022
EditorsKohei Arai
Number of pages24
ISBN (Electronic)9783030980153
ISBN (Print)9783030980146
Publication statusPublished - 12 Mar 2022
EventFuture of Information and Communication Conference 2022 - Virtual, Online
Duration: 3 Mar 20224 Mar 2022

Publication series

NameLecture Notes in Networks and Systems
ISSN (Print)2367-3370
ISSN (Electronic)2367-3389


ConferenceFuture of Information and Communication Conference 2022
Abbreviated titleFICC 2022
CityVirtual, Online


  • Cyber risk management
  • Cybersecurity
  • Cybersecurity framework
  • Digitization
  • Oil and Gas

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Signal Processing
  • Computer Networks and Communications


Dive into the research topics of 'Cybersecurity Risk Management Frameworks in the Oil and Gas Sector: A Systematic Literature Review'. Together they form a unique fingerprint.

Cite this