DeepAI AI Chat
Log In Sign Up

Developing cybersecurity education and awareness programmes for Small and medium-sized enterprises (SMEs)

by   Maria Bada, et al.
University of Cambridge
University of Kent

Purpose: An essential component of an organisation's cybersecurity strategy is building awareness and education of online threats, and how to protect corporate data and services. This research article focuses on this topic and proposes a high-level programme for cybersecurity education and awareness to be used when targeting Small-to-Medium-sized Enterprises/Businesses (SMEs/SMBs) at a city-level. We ground this programme in existing research as well as unique insight into an ongoing city-based project with similar aims. Findings: We find that whilst literature can be informative at guiding education and awareness programmes, it may not always reach real-world programmes. On the other hand, existing programmes, such as the one we explored, have great potential but there can also be room for improvement. Knowledge from each of these areas can, and should, be combined to the benefit of the academic and practitioner communities. Originality/value: The study contributes to current research through the outline of a high-level programme for cybersecurity education and awareness targeting SMEs/SMBs. Through this research, we engage in a reflection of literature in this space, and present insights into the advances and challenges faced by an on-going programme. These analyses allow us to craft a proposal for a core programme that can assist in improving the security education, awareness and training that targets SMEs/SMBs.


page 1

page 2

page 3

page 4


Classifying SMEs for Approaching Cybersecurity Competence and Awareness

Cybersecurity is increasingly a concern for small and medium-sized enter...

Socialbots and the Challenges of Cyberspace Awareness

As security communities brace for the emerging social automation based t...

Research and Education Towards Smart and Sustainable World

We propose a vision for directing research and education in the ICT fiel...

Small Private Online Judge: A New Tool for Empirical Education Research

This paper puts forward the concept of Small Private Online Judge (SPOJ)...

A Study of Different Awareness Campaigns in a Company

Phishing is a major cyber threat to organizations that can cause financi...

Report from Dagstuhl Seminar 23031: Frontiers of Information Access Experimentation for Research and Education

This report documents the program and the outcomes of Dagstuhl Seminar 2...

What breach? Measuring online awareness of security incidents by studying real-world browsing behavior

Awareness about security and privacy risks is important for developing g...