Towards a Cyber Security Label for SMEs: A European Perspective

Ponsard, Christophe; Grandclaudon, Jeremy; Dallons, Gautier

doi:10.5220/0006657604260431

Cited by 14 publications

(8 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Ponsard et al [33] try to develop a cybersecurity label for SMEs supported and accredited by third party cybersecurity risk experts. The defined goals were to raise the awareness of SMEs to the risks that they are facing in European countries.…”

Section: Case Studies and Related Workmentioning

confidence: 99%

Information Security and Cybersecurity Management: A Case Study with SMEs in Portugal

Antunes

Maximiano

Gomes

et al. 2021

JCP

View full text Add to dashboard Cite

Information security plays a key role in enterprises management, as it deals with the confidentiality, privacy, integrity, and availability of one of their most valuable resources: data and information. Small and Medium-sized enterprises (SME) are seen as a blind spot in information security and cybersecurity management, which is mainly due to their size, regional and familiar scope, and financial resources. This paper presents an information security and cybersecurity management project, in which a methodology based on the well-known ISO-27001:2013 standard was designed and implemented in fifty SMEs that were located in the center region of Portugal. The project was conducted by a business association located at the center of Portugal and mainly participated by SMEs. The Polytechnic of Leiria and an IT auditing/consulting team were the other two entities that participated on the project. The characterisation of the participating enterprises, the ISO-27001:2013 based methodology developed and implemented in SMEs, as well as the results obtained in this case study, are depicted and analysed in the paper. The attained results show a clear benefit to the audited and intervened SMEs, being mainly attested by the increasing of their information security management robustness and collaborators’ cyberawareness.

show abstract

Section: Case Studies and Related Workmentioning

confidence: 99%

Information Security and Cybersecurity Management: A Case Study with SMEs in Portugal

Antunes

Maximiano

Gomes

et al. 2021

JCP

View full text Add to dashboard Cite

show abstract

“…According to the Global Cyber Safety Index 2020, Denmark has the highest level of cyber security, while Myanmar has the lowest. The 2020 National Cyber Security Index Email phishing and pharming are the most frequently reported online threats to US consumers, accounting for approximately 33 percent of all reported cybercrime smoothly (Alahmari & Duncan, 2020;Nobles & Burrell, 2018;Ponsard et al, 2018). Meanwhile, over 110,000 instances of nonpayment and non-delivery have been recorded, accounting for 14.9 percent of all cybercrimes in the United States (Ponsard et al, 2018).…”

Section: Introductionmentioning

confidence: 99%

“…The 2020 National Cyber Security Index Email phishing and pharming are the most frequently reported online threats to US consumers, accounting for approximately 33 percent of all reported cybercrime smoothly (Alahmari & Duncan, 2020;Nobles & Burrell, 2018;Ponsard et al, 2018). Meanwhile, over 110,000 instances of nonpayment and non-delivery have been recorded, accounting for 14.9 percent of all cybercrimes in the United States (Ponsard et al, 2018). Extortion, which uses ransomware to infiltrate data and devices and then demands bitcoin or another form of payment, is the third most prevalent form of cybercrime.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

CYBER SECURITY IN SMALL AND MEDIUM ENTERPRISES (SMEs)

Wallang

Shariffuddin

Mokhtar

2022

jgd

View full text Add to dashboard Cite

The Fourth Industrial Revolution (IR4.0) has provided immense benefits for the sustainability of businesses, with many businessesutilising websites to sell their products and services internationally. Cybersecurity has nonetheless emerged as one of the most significant global challenges posed by this new digitization trend. Currently, more than sixty percent of commercial transactions are conducted online or via digital wallets, necessitating exceptional security for transparent and secure transactions. Individuals are unable to maintain the security of their private data because of these evolving technologies, and cybercrime is on the rise. Information security is one of the most complex issues currently. Cybercrimes, which are increasing at an alarming rate, are the first thing that comes to mind when we think about cyber security. Consequently, numerous governments and corporations are enhancing their cybersecurity tools to combat cybercrime. Despite numerous precautions, cyber threats remain a major concern not only for government and large businesses, but also for Small and Medium-Sized Businesses (SMEs) companies. This paper examines the challenges and solutions faced by small and medium-sized enterprises (SMEs) in relation to cyber security issues. In addition, it also examines the Malaysian context that may hinder the cybersecurity adoption gap for risk mitigation and high security in operational and development business environments.

show abstract

“…As a result, the protection of information and information systems has become an important responsibility of modern organizations. While an IS program is necessary for organizations to survive, it requires substantial financial investments (Leszczyna & Litwin, 2020) and consid-erable managerial effort since information security management (ISM) is a complex task (Ponsard et al, 2018). Outsourcing has already been identified as a somewhat effective solution for efficient and cost-effective IS programs (Cezar et al, 2016).…”

Section: Introductionmentioning

confidence: 99%

Outsource or not? An AHP Based Decision Model for Information Security Management

2022

View full text Add to dashboard Cite

Purpose: Outsourcing information security has proven to be an efficient solution for information security management; however, it may not be the most suitable approach for every organization. This research aimed to develop a multi-criteria decision-making model that would enable organizations to determine which approach to information security management (outsourcing or internal management) is more suitable for their needs and capabilities. Methods: Our study utilized several different research methods. First, the decision criteria were identified by reviewing related work and then selected by information security experts in a focus group. Second, a survey was conducted among information security practitioners to assign the criteria weights. Third, four use cases were conducted with four real-world organizations to assess the usability, ease of use, and usefulness of the developed model. Results: We developed a ten-criteria model based on the analytic hierarchy process. The survey results promote performance-related criteria as more important than efficiency-focused criteria. Evidence from use cases proves that the decision model is useful and appropriate for various organizations. Conclusion: To make informed decisions on approaching information security management, organizations must first conduct a thorough analysis of their capabilities and needs and investigate potential external contractors. In such a case, the proposed model can serve as a useful support tool in the decision-making process to obtain clear recommendations tailored to factual circumstances.

show abstract

Towards a Cyber Security Label for SMEs: A European Perspective

Cited by 14 publications

References 0 publications

Information Security and Cybersecurity Management: A Case Study with SMEs in Portugal

Information Security and Cybersecurity Management: A Case Study with SMEs in Portugal

CYBER SECURITY IN SMALL AND MEDIUM ENTERPRISES (SMEs)

Outsource or not? An AHP Based Decision Model for Information Security Management

Contact Info

Product

Resources

About