“…To date, cyber-attacks continue to increase and the success of governing bodies in addressing cybersecurity risks and security breaches is relatively unknown. 1 Although there are studies related to cybersecurity that provide research summaries in the areas of (1) cybersecurity disclosures, (2) cybersecurity investment, (3) economic consequences to cybersecurity incidents, and (4) manager and auditor responses to cybersecurity risks (Haapama¨ki and Sihvonen 2019;Richardson, Smith, and Weidenmier Watson 2019;Walton, Wheeler, Zhang, and Zhao 2021;Wilkin and Chenhall 2020), the role of IT as a governance tool to combat cyber-attacks has not been fully explored. With the aim of understanding the current and future role of governance mechanisms in managing cybersecurity risks, this paper reviews the existing cybersecurity guidelines and regulations, and summarizes the empirical research related to corporate governance, security breaches, and IT expertise in overseeing cyber risks, using a combination of words to search for relevant studies published in top peer-reviewed journals.…”