Cybersecurity for Small and Medium-Sized Businesses

Year 2022, Volume: 3 Issue: 1, 21 - 38, 17.11.2023

Oliver A. Luukkonen Yeşim Ülgen Sönmez

Abstract

Cybersecurity is all the devices and software applications that protect computers, networks, software, critical systems, and data from possible digital threats. The organizations have a responsibility to secure data to maintain customer trust and ensure regulatory compliance. They use cybersecurity measures and tools to protect sensitive data from unauthorized access, as well as prevent disruption to business operations due to unwanted network activity, and implement cybersecurity by streamlining digital defense across employees, processes, and technologies. Small and medium-sized businesses (SMBs) which make up a large portion of organizations, contribute greatly to the economies of many countries. However, SMBs tend to not care enough about cyber security or do not have the resources to implement it. Additionally, cybersecurity research rarely focuses on SMBs. SMBs have extensively switched to remote/hybrid working due to the global pandemic COVID-19 and this transition to remote/hybrid working methods had to adopt new digital strategies and technologies very quickly. This situation has led to the emergence of more cyber risks and cyber-attacks. This study highlights that it is crucial to strengthen SMBs and future preparedness against cybersecurity threats. Specifically, in this study, cyber security problems and deficiencies in SMBs are identified and suggestions are offered to eliminate them. Also, the work has shown the importance of why the countries should give importance to SMB cybersecurity as well as the defense industry and future studies should focus more on SMB cybersecurity applications.

Keywords

Medium Businesses, Small Businesses, SMBs Cybersecurity, SMB Cyber-attacks, SMB Defense Techniques

References

• ALAHMARI, A. & DUNCAN, B. (2020). Cybersecurity risk management in small and Medium-Sized Enterprises: A Systematic Review of Recent Evidence. In Int. Conf. on Cyber Situational Awareness, Data Analytics and Assessment (pp. 1–5). Retrieved from https://doi.org/10.1109/CyberSA49311.2020.9139638
• BHATTACHARYA, D. (2015). Evolution of cybersecurity issues in small businesses, Technology. In 4th Annual Conference on Research in Information (p. 11). Chicago, Illinois, USA. Retrieved from https://doi.org/10.1145/2808062.280806
• CAMBRIDGE DICTIONARY. (2023). Retrieved 7 October 2023, from https://dictionary.cambridge.org/tr/
• CHIDUKWANI, A., ZANDER, S., & KOUTSAKIS, P. (2022). A Survey on the Cyber Security of Small-to-Medium Businesses: Challenges, Research Focus and Recommendations. IEEE Access, 10(August), 85701–85719. Retrieved from https://doi.org/10.1109/ACCESS.2022.3197899
• CYBERSECURITY. (2023). Retrieved 8 October 2023, from https://business.defense.gov/Work-with-us/Cybersecurity/
• DEMİR, S., SARIIŞIK, G., & ÖĞÜTLÜ, A. S. (2022). KOBİ lerin Endüstri 4.0 Farkındalık ve Olgunluk Seviyesinin Belirlenmesi: Şanlıurfa İli Örneği (Determination of Industry 4.0 Awareness and Maturity Level of SMEs: The Example of Şanlıurfa Province). Journal of Business Research - Turk, 14(4), 2938–2955. Retrieved from https://doi.org/10.20491/isarder.2022.1543
• EAVES, S. (2023). Security for Small and Medium-Sized Businesses | IoT Security Podcast | PSA Certified. Retrieved 7 October 2023, from https://www.psacertified.org/blog/iot-security-for-small-medium-businesses-podcast/
• ELEZAJ, O., YAYILGAN, S. Y., ABOMHARA, M., YENG, P., & AHMED, J. (2019). Data-Driven Intrusion Detection System for Small and Medium Enterprises. In IEEE 24th Int. Workshop on Computer Aided Modeling and Design of Communication Links and Networks (pp. 1–7). Limassol, Cyprus. Retrieved from https://doi.org/10.1109/CAMAD.2019.8858166.
• EŞ, A., & SERDAR, N. (2021). SİBER Saldirilara Karşı Kobilerin Farkındalık Düzeylerini Incelenmesi: Ankara Ili Örneği. Journal of Duzce University Institute of Social Sciences, 11(1), 133–151.
• GAFNI, R., & PAVEL, T. (2019). The invisible hole of information on SMB’s cybersecurity. Online Journal of Applied Knowledge Management (OJAKM), 7(1), 14–26.
• HEIKKILA, M., RATTYA, A., PIESKA, A. S., & JANSA, J. (2016). Security Challenges in Small- and Medium-Sized Manufacturing Enterprises. In Int. Symp. On Small-scale Intelligent Manufacturing Systems (pp. 25–30). Narvik, Norway. Retrieved from https://doi.org/10.1109/SIMS.2016.7802895
• IYEM, C., & DANYAL, Y. (2021). Teknoloji Geliştirme Bölgelerinde COVID-19 Pandemisi Üzerine Nitel Bir Araştırma: KOBİ’lerde Dayanıklılığı Artırmak İçin Acil Durum ve İş Sürekliliği. Ekonomik ve Sosyal Boyutlarıyla PANDEMİ, 89–162.
• LEVY, Y., & GAFNI, R. (2022). Towards the quantification of cybersecurity footprint for SMBs using the CMMC 2.0. Online Journal of Applied Knowledge Management, 10(1), 43–61. Retrieved from https://doi.org/10.36965/ojakm.2022.10(1)43-61
• NCUBUKEZI, T., MWANSA, L., & ROCARIES, F. (2020). A Review of the Current Cyber Hygiene in Small and Medium-sized Businesses, In 15th Int. Conf. for Internet Technology and Secured Transactions (pp. 1–6). London, United Kingdom. Retrieved from doi: 10.23919/ICITST51030.2020.9351339
• PAULSEN, C. (2016). Cyber Securing Small Businesses. Computer, 49(8), 92–97. Retrieved from https://doi.org/10.1109/MC.2016.223
• PONEMON INSTITUTE. (2018). Retrieved from Https://www.keepersecurity.com/assets/pdf/Keeper-2018-Ponemon-Report.pdf
• SALEEM, J., ABEDISI, B., ANDE, R., & HAMMOUDEH, M. (2017). A state of the art survey – Impact of cyber-attacks on SME’s. In Int. Conf. on Future Networks and Distributed Systems ’17 (pp. 1–7). Cambridge, United Kingdom. Retrieved from https://doi.org/10.1145/3102304.3109812.
• SECURITY TECHNICAL IMPLEMENTATION GUIDES – DoD CYBER EXCHANGE. (2023). Retrieved 8 October 2023, from https://public.cyber.mil
• TEYMOURLOUEI, H. & HARRIS, V. E. (2019). Effective methods to monitor IT infrastructure security for small business. In Computational Science and Computational Intelligence (pp. 7–13). Las Vegas, NV, USA. Retrieved from https://doi.org/10.1109/CSCI49370.2019.00009
• U.S. SMALL BUSINESS ADMINISTRATION (2023). Retrieved 7 October 2023, from https://www.sba.gov/business-guide/manage-your-business/stay-safe-cybersecurity-threatsVerizon
• WORLD BANK SME FINANCE: Development news, research, data | World Bank. (2023). Retrieved 6 October 2023, from https://www.worldbank.org/en/topic/smefinance
• ZEC, M. (2015). Cyber security Measures in SMEs: a study of IT professionals’ organizational cyber security awareness. Linnaeus University, Kalmar. Zugriff Unter Http://Www …, 1–99. Retrieved from https://www.diva-portal.org/smash/get/diva2:849211/ATTACHMENT01.pdf