Abstract
Cyber criminals increasingly target Small and Medium Sized Businesses (SMEs) since they are perceived to have the weakest defences. Some will not survive a cyber attack, and others will have their ability to continue trading seriously impaired. There is compelling evidence that, at present, SMEs do not seem to be implementing all the advisable security measures which could help them to resist such attacks. Many in the security industry believe that this is because SMEs do not take the threat seriously. This paper reports on a study to find out whether this is the case, or not. The primary finding is that most SMEs do care about the threat but that very few implement even a small subset of the available security precautions. One contributory factor seemed to be the uncertainty caused by the wealth of conflicting and confusing online advice offered by industry and official bodies. This seemed to be hindering rather than helping SMEs so that they did not know what actions to take to improve their resilience. The conclusion is a recommendation for actions to be taken to better inform SMEs and help them to secure their systems more effectively.
| Original language | English |
|---|---|
| Title of host publication | 2016 Cybersecurity and Cyberforensics Conference (CCC) |
| Place of Publication | Piscataway, NJ. |
| Publisher | IEEE |
| Pages | 137-143 |
| Number of pages | 8 |
| ISBN (Print) | 9781509026579 |
| DOIs | |
| Publication status | Published - 20 Oct 2016 |
| Event | 1st Cybersecurity and Cyberforensics Conference, CCC 2016 - Amman, Jordan Duration: 2 Aug 2016 → 4 Aug 2016 |
Conference
| Conference | 1st Cybersecurity and Cyberforensics Conference, CCC 2016 |
|---|---|
| Country/Territory | Jordan |
| City | Amman |
| Period | 2/08/16 → 4/08/16 |
Keywords
- measurement uncertainty
- computer security
- loss measurement
- small to medium enterprises