Cybersecurity Risk Assessment Frameworks For Engineering Databases: A Systematic Literature Review
DOI:
https://doi.org/10.71292/sdmi.v2i01.22Keywords:
Cybersecurity Risk Assessment, Engineering Databases, Data Security Frameworks, Threat Mitigation Strategies, Systematic Literature ReviewAbstract
The increasing reliance on engineering databases for storing, managing, and processing sensitive industrial and operational data has heightened their susceptibility to evolving cybersecurity threats. To ensure data confidentiality, integrity, and availability, structured cybersecurity risk assessment frameworks are essential for identifying vulnerabilities, mitigating cyber risks, and enhancing database security. This study presents a systematic review of 125 high-quality articles following the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines, offering a comprehensive analysis of risk assessment methodologies, regulatory frameworks, and cybersecurity governance models applicable to engineering database environments. The findings highlight that risk quantification models such as CVSS, FAIR, and CRAMM are widely utilized for evaluating cybersecurity threats, with CVSS being the most frequently applied due to its standardized vulnerability scoring approach. Additionally, supply chain vulnerabilities, insider threats, and ransomware attacks emerged as the most significant cybersecurity risks, requiring multi-layered security controls, zero-trust frameworks, and continuous monitoring for effective mitigation. Regulatory compliance frameworks such as GDPR, NIST SP 800-53, and CMMC were found to be instrumental in enhancing cybersecurity resilience, ensuring adherence to standardized security policies and legal requirements. Furthermore, the study underscores the increasing adoption of AI-driven risk assessment models, predictive analytics, and security automation as critical components of modern cybersecurity strategies. The results confirm that engineering database security must evolve beyond traditional risk assessment models by integrating advanced AI-driven analytics, proactive risk governance, and compliance-driven cybersecurity frameworks to safeguard against emerging cyber threats in high-risk industrial environments. The findings contribute to the growing body of research on cybersecurity risk assessment and provide practical insights for database administrators, cybersecurity professionals, and regulatory bodies working to fortify engineering databases against sophisticated cyberattacks.
