A quest for research and knowledge gaps in cybersecurity awareness for small and medium-sized enterprises

IF 13.3 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Computer Science Review Pub Date : 2023-09-12 DOI:10.1016/j.cosrev.2023.100592

Sunil Chaudhary , Vasileios Gkioulos , Sokratis Katsikas

{"title":"A quest for research and knowledge gaps in cybersecurity awareness for small and medium-sized enterprises","authors":"Sunil Chaudhary , Vasileios Gkioulos , Sokratis Katsikas","doi":"10.1016/j.cosrev.2023.100592","DOIUrl":null,"url":null,"abstract":"<div><p>The proliferation of information and communication technologies in enterprises enables them to develop new business models and enhance their operational and commercial activities. Nevertheless, this practice also introduces new cybersecurity risks and vulnerabilities. This may not be an issue for large organizations with the resources and mature cybersecurity programs in place; the situation with small and medium-sized enterprises (SMEs) is different since they often lack the resources, expertise, and incentives to prioritize cybersecurity. In such cases, cybersecurity awareness can be a critical component of cyberdefense. However, research studies dealing with cybersecurity awareness or related domains exclusively for SMEs are rare, indicating a pressing need for research addressing the cybersecurity awareness requirements of SMEs.</p><p>Prior to that, though, it is crucial to identify which aspects of cybersecurity awareness require further research in order to adapt or conform to the needs of SMEs. In this study, we conducted a systematic literature review that focused on cybersecurity awareness, prioritizing those performed with a particular focus on SMEs. The study seeks to analyze and evaluate such studies primarily to determine knowledge and research gaps in the cybersecurity awareness field for SMEs, thus providing a direction for future research.</p></div>","PeriodicalId":48633,"journal":{"name":"Computer Science Review","volume":null,"pages":null},"PeriodicalIF":13.3000,"publicationDate":"2023-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Science Review","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S157401372300059X","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The proliferation of information and communication technologies in enterprises enables them to develop new business models and enhance their operational and commercial activities. Nevertheless, this practice also introduces new cybersecurity risks and vulnerabilities. This may not be an issue for large organizations with the resources and mature cybersecurity programs in place; the situation with small and medium-sized enterprises (SMEs) is different since they often lack the resources, expertise, and incentives to prioritize cybersecurity. In such cases, cybersecurity awareness can be a critical component of cyberdefense. However, research studies dealing with cybersecurity awareness or related domains exclusively for SMEs are rare, indicating a pressing need for research addressing the cybersecurity awareness requirements of SMEs.

Prior to that, though, it is crucial to identify which aspects of cybersecurity awareness require further research in order to adapt or conform to the needs of SMEs. In this study, we conducted a systematic literature review that focused on cybersecurity awareness, prioritizing those performed with a particular focus on SMEs. The study seeks to analyze and evaluate such studies primarily to determine knowledge and research gaps in the cybersecurity awareness field for SMEs, thus providing a direction for future research.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

对中小型企业网络安全意识的研究和知识差距的探索

信息和通信技术在企业中的普及使它们能够发展新的商业模式，加强其经营和商业活动。尽管如此，这种做法也带来了新的网络安全风险和漏洞。对于拥有资源和成熟网络安全计划的大型组织来说，这可能不是一个问题；中小企业的情况有所不同，因为它们往往缺乏资源、专业知识和激励措施来优先考虑网络安全。在这种情况下，网络安全意识可能是网络防御的关键组成部分。然而，专门针对中小企业的网络安全意识或相关领域的研究很少，这表明迫切需要针对中小企业网络安全意识要求进行研究。不过，在此之前，至关重要的是要确定网络安全意识的哪些方面需要进一步研究，以适应或符合中小企业的需求。在这项研究中，我们进行了一项系统的文献综述，重点关注网络安全意识，优先考虑那些特别关注中小企业的研究。该研究旨在分析和评估此类研究，主要是为了确定中小企业在网络安全意识领域的知识和研究差距，从而为未来的研究提供方向。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Computer Science Review Computer Science-General Computer Science

CiteScore

32.70

自引率

0.00%

发文量

审稿时长

51 days

期刊介绍： Computer Science Review, a publication dedicated to research surveys and expository overviews of open problems in computer science, targets a broad audience within the field seeking comprehensive insights into the latest developments. The journal welcomes articles from various fields as long as their content impacts the advancement of computer science. In particular, articles that review the application of well-known Computer Science methods to other areas are in scope only if these articles advance the fundamental understanding of those methods.