Cybersecurity and the unbearability of uncertainty

Karen Renaud, George R S Weir

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

14 Citations (Scopus)
132 Downloads (Pure)


Cyber criminals increasingly target Small and Medium Sized Businesses (SMEs) since they are perceived to have the weakest defences. Some will not survive a cyber attack, and others will have their ability to continue trading seriously impaired. There is compelling evidence that, at present, SMEs do not seem to be implementing all the advisable security measures which could help them to resist such attacks. Many in the security industry believe that this is because SMEs do not take the threat seriously. This paper reports on a study to find out whether this is the case, or not. The primary finding is that most SMEs do care about the threat but that very few implement even a small subset of the available security precautions. One contributory factor seemed to be the uncertainty caused by the wealth of conflicting and confusing online advice offered by industry and official bodies. This seemed to be hindering rather than helping SMEs so that they did not know what actions to take to improve their resilience. The conclusion is a recommendation for actions to be taken to better inform SMEs and help them to secure their systems more effectively.

Original languageEnglish
Title of host publication2016 Cybersecurity and Cyberforensics Conference (CCC)
Place of PublicationPiscataway, NJ.
Number of pages8
ISBN (Print)9781509026579
Publication statusPublished - 20 Oct 2016
Event1st Cybersecurity and Cyberforensics Conference, CCC 2016 - Amman, Jordan
Duration: 2 Aug 20164 Aug 2016


Conference1st Cybersecurity and Cyberforensics Conference, CCC 2016


  • measurement uncertainty
  • computer security
  • loss measurement
  • small to medium enterprises


Dive into the research topics of 'Cybersecurity and the unbearability of uncertainty'. Together they form a unique fingerprint.

Cite this