The Small and Medium-sized Enterprises’ (SMEs) level of organizational cybersecurity readiness has been poorly investigated to date. Currently, all SMEs need to maintain an adequate level of cybersecurity to run their businesses, not only those wishing to fully exploit digitalization’s benefits. Unfortunately, due to their lack of resources, skills, and their low level of cyber awareness, SMEs often seem unprepared. It is important that they address the digital threats that they face by using technology and complementary (and not alternative) factors, such as guidelines, formal policies, and training. All these elements trigger development processes regarding skills, awareness, the organizational cybersecurity culture, and the organizational resilience. This paper describes Italy’s first multidisciplinary attempt to assess its SMEs' overall cybersecurity readiness level. The authors used a survey as its initial quantitative assessment approach, although SMEs can also use it as a cyber self-assessment tool, which prepares them better to navigate the digital ecosystem. Thereafter, the authors held semi-structured interviews to explore the critical points that had emerged from the study's first phase. The overall results show that SMEs have not as yet achieved high levels of organizational readiness have. SMEs are currently starting to set the stage for their organizational cyber readiness and will therefore take many more proactive steps to address their cyber issues.
Assessing SMEs cybersecurity organizational readiness: Findings from an Italian survey / Martina Neri, Federico Niccolini, Rosario Pugliese. - STAMPA. - (2022), pp. 0-0. (Intervento presentato al convegno Knowledge Management Conference 2022 (KM2022)).
Assessing SMEs cybersecurity organizational readiness: Findings from an Italian survey
Rosario Pugliese
2022
Abstract
The Small and Medium-sized Enterprises’ (SMEs) level of organizational cybersecurity readiness has been poorly investigated to date. Currently, all SMEs need to maintain an adequate level of cybersecurity to run their businesses, not only those wishing to fully exploit digitalization’s benefits. Unfortunately, due to their lack of resources, skills, and their low level of cyber awareness, SMEs often seem unprepared. It is important that they address the digital threats that they face by using technology and complementary (and not alternative) factors, such as guidelines, formal policies, and training. All these elements trigger development processes regarding skills, awareness, the organizational cybersecurity culture, and the organizational resilience. This paper describes Italy’s first multidisciplinary attempt to assess its SMEs' overall cybersecurity readiness level. The authors used a survey as its initial quantitative assessment approach, although SMEs can also use it as a cyber self-assessment tool, which prepares them better to navigate the digital ecosystem. Thereafter, the authors held semi-structured interviews to explore the critical points that had emerged from the study's first phase. The overall results show that SMEs have not as yet achieved high levels of organizational readiness have. SMEs are currently starting to set the stage for their organizational cyber readiness and will therefore take many more proactive steps to address their cyber issues.I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.