TY - GEN
T1 - Towards a Conceptual Framework for Cybersecurity Skill Requirements in Small and Medium-Sized Enterprises
AU - Mkhulisi, Ndimamkele
AU - Dube, Shopee
AU - Radebe, Fani
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - Cybersecurity poses a critical challenge for small and medium-sized enterprises (SMEs), which often operate with limited resources and expertise. Despite the growing recognition of these challenges, existing literature frequently neglects the specific needs and constraints of SMEs, particularly regarding tailored frameworks to enhance their resilience against cyberthreats. This study addresses this gap by proposing a conceptual framework designed to bolster the cybersecurity posture of SMEs. Key components of the framework include comprehensive training initiatives aimed at increasing awareness and preparedness for cyberthreats. The framework emphasizes a risk-based approach, advocating for threat-based cybersecurity risk assessments to effectively prioritize mitigation efforts. Additionally, it provides implementation guidelines for strong password policies and other fundamental security measures. By focusing on these areas, the framework seeks to cultivate a proactive cybersecurity culture within SMEs, empowering employees to identify and respond to threats. Ultimately, the study aims to equip SMEs with practical tools and strategies to navigate the complex and ever-evolving cybersecurity landscape, thereby fostering resilience and sustainability in the digital business environment.
AB - Cybersecurity poses a critical challenge for small and medium-sized enterprises (SMEs), which often operate with limited resources and expertise. Despite the growing recognition of these challenges, existing literature frequently neglects the specific needs and constraints of SMEs, particularly regarding tailored frameworks to enhance their resilience against cyberthreats. This study addresses this gap by proposing a conceptual framework designed to bolster the cybersecurity posture of SMEs. Key components of the framework include comprehensive training initiatives aimed at increasing awareness and preparedness for cyberthreats. The framework emphasizes a risk-based approach, advocating for threat-based cybersecurity risk assessments to effectively prioritize mitigation efforts. Additionally, it provides implementation guidelines for strong password policies and other fundamental security measures. By focusing on these areas, the framework seeks to cultivate a proactive cybersecurity culture within SMEs, empowering employees to identify and respond to threats. Ultimately, the study aims to equip SMEs with practical tools and strategies to navigate the complex and ever-evolving cybersecurity landscape, thereby fostering resilience and sustainability in the digital business environment.
KW - cybersecurity
KW - cyberthreats
KW - employees
KW - small and medium-sized enterprises (SMEs)
KW - training
UR - http://www.scopus.com/inward/record.url?scp=85218355157&partnerID=8YFLogxK
U2 - 10.1109/IMITEC60221.2024.10851058
DO - 10.1109/IMITEC60221.2024.10851058
M3 - Conference contribution
AN - SCOPUS:85218355157
T3 - Proceedings of 2024 4th International Multidisciplinary Information Technology and Engineering Conference, IMITEC 2024
SP - 408
EP - 415
BT - Proceedings of 2024 4th International Multidisciplinary Information Technology and Engineering Conference, IMITEC 2024
A2 - Zuva, Tranos
A2 - Brown, Andrew
A2 - Rikhotso, Musa
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 4th International Multidisciplinary Information Technology and Engineering Conference, IMITEC 2024
Y2 - 27 November 2024 through 29 November 2024
ER -