A survey on the cyber security of Small-to-Medium businesses: Challenges, research focus and recommendations

A. Chidukwani; S. Zander; P. Koutsakis

doi:10.1109/ACCESS.2022.3197899

Back

A survey on the cyber security of Small-to-Medium businesses: Challenges, research focus and recommendations

Journal article

Open access

Peer reviewed

A survey on the cyber security of Small-to-Medium businesses: Challenges, research focus and recommendations

A. Chidukwani, S. Zander and P. Koutsakis

IEEE Access, Vol.10, pp.85701-85719

2022

DOI: https://doi.org/10.1109/ACCESS.2022.3197899

Files and links (2)

pdf

Cyber_Security.pdfDownload View

Published (Version of Record) Open Access

url

Free to Read *No subscription requiredView

Abstract

Small-to-medium sized businesses (SMBs) constitute a large fraction of many countries’ economies but according to the literature SMBs are not adequately implementing cyber security which leaves them susceptible to cyber-attacks. Furthermore, research in cyber security is rarely focused on SMBs, despite them representing a large proportion of businesses. In this paper we review recent research on the cyber security of SMBs, with a focus on the alignment of this research to the popular NIST Cyber Security Framework (CSF). From the literature we also summarise the key challenges SMBs face in implementing good cyber security and conclude with key recommendations on how to implement good cyber security. We find that research in SMB cyber security is mainly qualitative analysis and narrowly focused on the Identify and Protect functions of the NIST CSF with very little work on the other existing functions. SMBs should have the ability to detect, respond and recover from cyber-attacks, and if research lacks in those areas, then SMBs may have little guidance on how to act. Future research in SMB cyber security should be more balanced and researchers should adopt well-established powerful quantitative research approaches to refine and test research whilst governments and academia are urged to invest in incentivising researchers to expand their research focus.

Details

Title: A survey on the cyber security of Small-to-Medium businesses: Challenges, research focus and recommendations
Authors/Creators: A. Chidukwani (Author/Creator) - Murdoch University
S. Zander (Author/Creator) - Murdoch University
P. Koutsakis (Author/Creator) - Murdoch University
Publication Details: IEEE Access, Vol.10, pp.85701-85719
Publisher: IEEE
Identifiers: 991005541828407891
Murdoch Affiliation: School of Information Technology
Language: English
Resource Type: Journal article

Metrics

447 File views/ downloads

928 Record Views

55 Times Cited - Web of Science

InCites Highlights

These are selected metrics from InCites Benchmarking & Analytics tool, related to this output

Citation topics: 4 Electrical Engineering, Electronics & Computer Science; 4.187 Security Systems; 4.187.1592 Cyber Defense
Web Of Science research areas: Computer Science, Information Systems; Engineering, Electrical & Electronic; Telecommunications
ESI research areas: Engineering