- Browse/Search the Program
Search
Program Calendar
Browse By Day
Browse By Room
- Information Menu
Search Tips
Virtual Exhibit Hall
- Navigation and Settings Menu
Personal Schedule
Sign In
Protecting SMEs from Cyber Crime: Challenges and Pathways to Cyber Security Support
Fri, September 5, 6:30 to 7:45pm, Deree | Classrooms, DC 701Abstract
Small and medium-sized enterprises (SMEs) are prime targets for cybercriminals, facing attacks such as phishing, ransomware, business email compromise, and data breaches at rates comparable to larger organisations. However, many SMEs fail to recognise the severity of these threats, often underestimating both their own risk exposure and the sophistication of modern cybercriminal tactics.
This study examines how SME characteristics—such as size, sector, maturity, and security culture—affect their susceptibility to cybercrime, their level of preparedness, and their ability to detect and respond to attacks. Using a mixed-methods approach, the study surveyed 386 SMEs and conducted 12 in-depth interviews to analyse how these businesses experience and perceive cyber threats. One-way ANOVAs were used to evaluate differences in cybercrime risk across SME characteristics, while thematic analysis provided deeper insight into how SMEs understand and react to attacks. The findings reveal that many SMEs underestimate their cybersecurity risks, with past experiences of cyberattacks influencing how they perceive threats. Some SMEs also demonstrate misconceptions— believing they are “too small” to be attacked or that past cyber incidents are unlikely to recur. This overconfidence leads to significant vulnerabilities. Many SMEs lack adequate phishing detection capabilities, making them highly susceptible to social engineering attacks. Others fail to properly secure customer and financial data, increasing their risk of data breaches, identity theft, and regulatory penalties. Compounding these risks, SMEs frequently struggle to access the right cybersecurity support. A lack of awareness about available cybersecurity resources further contributes to poor risk management and reactive security postures.
These findings highlight the urgent need for tailored cybersecurity interventions that address SME-specific weaknesses and combat the evolving tactics of cybercriminals. The study’s insights will inform the development of Cyber Security Communities of Support (CyCOS), providing SMEs with targeted guidance, peer collaboration, and access to specialised tools to mitigate cybercrime risks more effectively.