Abstract
As the number of Small and Medium Enterprises (SMEs) rises in the world, the amount of sensitive data used also increases, making them targets for cyberattacks. SMEs face a host of issues such as a lack of resources and poor cybersecurity talent, resulting in multiple vulnerabilities that increase overall risk. Cybersecurity risk assessment frameworks have been developed by multiple organizations such as the National Institute of Science and Technology (NIST) and the International Organization for Standardization (ISO), but they are complicated to understand and challenging to implement. This research aimed to create an effective cybersecurity risk assessment framework specifically for SMEs while considering their limitations. This was achieved by first identifying common threats and vulnerabilities and categorizing them according to their importance and risk. Secondly, popular frameworks like the NIST CSF and ISO 27001/2 were analyzed for their proficiencies and deficiencies while identifying relevant areas for SMEs. Finally, novel techniques catered to SMEs were explored and incorporated to create an effective framework for SMEs. This framework was also developed in the form of a tool, providing an interactive and dynamic environment. The tool was effective, and the framework is a promising start but requires more quantitative analysis.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
