Skip navigation

Exploring the economic role of cybersecurity in SMEs: A case study of the UK

Exploring the economic role of cybersecurity in SMEs: A case study of the UK

Arroyabe, Marta F. ORCID logoORCID: https://orcid.org/0000-0003-3223-0268, Fernandez De Arroyabe Arranz, Carlos F.A. ORCID logoORCID: https://orcid.org/0000-0002-6866-0684, Fernandez De Arroyabe, Ignacio and Fernandez de Arroyabe, Juan Carlos ORCID logoORCID: https://orcid.org/0000-0003-1451-3782 (2024) Exploring the economic role of cybersecurity in SMEs: A case study of the UK. Technology in Society, 78:102670. pp. 1-10. ISSN 0160-791X (doi:10.1016/j.techsoc.2024.102670)

[thumbnail of VoR]
Preview
PDF (VoR)
47828_FERNANDEZ DE ARROYABLE_Exploring_the_economic_role_of_cybersecurity_in_SMEs_A_case_study_of_the_UK.pdf - Published Version
Available under License Creative Commons Attribution.

Download (761kB) | Preview

Abstract

This study explores the economic role of cybersecurity in Small and Medium Enterprises (SMEs), situating cybersecurity within the framework of merit-goods within the economic theory of market failures and public goods. By examining 240 SMEs across the UK, the empirical findings of this investigation underscore its classification as a merit-good due to its extensive social benefits and the critical gap in its optimal provision. The results confirm the existence of market failure, such as the lack and asymmetry of information regarding cybersecurity, acknowledging the myopia and lack of information within SMEs, leading to suboptimal implementation of cybersecurity. Moreover, the lack of optimal implementation is evidenced by the findings indicating that neither cybersecurity incidents nor cybersecurity impacts in SMEs drive the implementation of cybersecurity. Additionally, we observe that implementation is more focused on control systems than on management systems, which is a significant differentiating factor from large enterprises. The study contributes theoretically by framing cybersecurity as a merit-good, provides managerial insights into SME cybersecurity practices, and emphasizes the importance of nuanced policies to bridge the implementation gap.

Item Type: Article
Uncontrolled Keywords: cybersecurity; SME; merit-good; cybersecurity control; cybersecurity management; cybersecurity incidents
Subjects: H Social Sciences > H Social Sciences (General)
H Social Sciences > HB Economic Theory
H Social Sciences > HD Industries. Land use. Labor > HD61 Risk Management
Faculty / School / Research Centre / Research Group: Greenwich Business School
Greenwich Business School > Networks and Urban Systems Centre (NUSC)
Greenwich Business School > Networks and Urban Systems Centre (NUSC) > Connected Cities Research Group (CCRG)
Greenwich Business School > School of Business, Operations and Strategy
Last Modified: 09 Sep 2024 15:19
URI: http://gala.gre.ac.uk/id/eprint/47828

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics