Exploring the economic role of cybersecurity in SMEs: A case study of the UK
Arroyabe, Marta F. ORCID: https://orcid.org/0000-0003-3223-0268, Fernandez De Arroyabe Arranz, Carlos F.A. ORCID: https://orcid.org/0000-0002-6866-0684, Fernandez De Arroyabe, Ignacio and Fernandez de Arroyabe, Juan Carlos ORCID: https://orcid.org/0000-0003-1451-3782 (2024) Exploring the economic role of cybersecurity in SMEs: A case study of the UK. Technology in Society, 78:102670. pp. 1-10. ISSN 0160-791X (doi:10.1016/j.techsoc.2024.102670)
Preview |
PDF (VoR)
47828_FERNANDEZ DE ARROYABLE_Exploring_the_economic_role_of_cybersecurity_in_SMEs_A_case_study_of_the_UK.pdf - Published Version Available under License Creative Commons Attribution. Download (761kB) | Preview |
Abstract
This study explores the economic role of cybersecurity in Small and Medium Enterprises (SMEs), situating cybersecurity within the framework of merit-goods within the economic theory of market failures and public goods. By examining 240 SMEs across the UK, the empirical findings of this investigation underscore its classification as a merit-good due to its extensive social benefits and the critical gap in its optimal provision. The results confirm the existence of market failure, such as the lack and asymmetry of information regarding cybersecurity, acknowledging the myopia and lack of information within SMEs, leading to suboptimal implementation of cybersecurity. Moreover, the lack of optimal implementation is evidenced by the findings indicating that neither cybersecurity incidents nor cybersecurity impacts in SMEs drive the implementation of cybersecurity. Additionally, we observe that implementation is more focused on control systems than on management systems, which is a significant differentiating factor from large enterprises. The study contributes theoretically by framing cybersecurity as a merit-good, provides managerial insights into SME cybersecurity practices, and emphasizes the importance of nuanced policies to bridge the implementation gap.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | cybersecurity; SME; merit-good; cybersecurity control; cybersecurity management; cybersecurity incidents |
Subjects: | H Social Sciences > H Social Sciences (General) H Social Sciences > HB Economic Theory H Social Sciences > HD Industries. Land use. Labor > HD61 Risk Management |
Faculty / School / Research Centre / Research Group: | Greenwich Business School Greenwich Business School > Networks and Urban Systems Centre (NUSC) Greenwich Business School > Networks and Urban Systems Centre (NUSC) > Connected Cities Research Group (CCRG) Greenwich Business School > School of Business, Operations and Strategy |
Last Modified: | 09 Sep 2024 15:19 |
URI: | http://gala.gre.ac.uk/id/eprint/47828 |
Actions (login required)
View Item |
Downloads
Downloads per month over past year