Assessing and Improving Cybersecurity Maturity for SMEs: Standardization aspects
It addresses cybersecurity challenges for SMEs, which are frequent targets of attacks but have limited resources, though the approach appears incremental as it builds on existing standards.
This research tackles the problem of limited cybersecurity capabilities in SMEs by proposing an approach that integrates key elements from existing industry standards to assess and improve their cybersecurity maturity, aiming to enhance sustainability against increasing risks.
SMEs constitute a very large part of the economy in every country and they play an important role in economic growth and social development. SMEs are frequent targets of cybersecurity attacks similar to large enterprises. However, unlike large enterprises, SMEs mostly have limited capabilities regarding cybersecurity practices. Given the increasing cybersecurity risks and the large impact that the risks may bring to the SMEs, assessing and improving the cybersecurity capabilities is crucial for SMEs for sustainability. This research aims to provide an approach for SMEs for assessing and improving their cybersecurity capabilities by integrating key elements from existing industry standards.