Cybersecurity Awareness and Capacities of SMEs
21st December, 2023
Authors Gencer Erdogan, Ragnhild Halvorsrud, Costas Boletsis, Simeon Tverdal and John Brian Pickering
Abstract:
Small and Medium Enterprises (SMEs) are increasingly exposed to cyber risks. Some of the main reasons include budget constraints, the employees’ lack of cybersecurity awareness, cross-sectoral cyber risks, lack of security practices at organizational level, and so on. To equip SMEs with appropriate tools and guidelines that help mitigate their exposure to cyber risk, we must better understand the SMEs’ context and their needs. Thus, the contribution of this paper is a survey based on responses collected from 141 SMEs based in the UK, where the objective is to obtain information to better understand their level of cybersecurity awareness and practices they apply to protect against cyber risks. Our results indicate that although SMEs do apply some basic cybersecurity measures to mitigate cyber risks, there is a general lack of cybersecurity awareness and lack of processes and tools to improve cybersecurity practices. Our findings provide to the cybersecurity community a better understa nding of the SME context in terms of cybersecurity awareness and cybersecurity practices, and may be used as a foundation to further develop appropriate tools and processes to strengthen the cybersecurity of SMEs.
Authors: Gencer Erdogan, Ragnhild Halvorsrud, Costas Boletsis, Simeon Tverdal and John Brian Pickering
The paper can be found at the following link: http://dx.doi.org/10.5220/0011609600003405