Picture map of Europe with pins indicating European capital cities

Open Access research with a European policy impact...

The Strathprints institutional repository is a digital archive of University of Strathclyde's Open Access research outputs. Strathprints provides access to thousands of Open Access research papers by Strathclyde researchers, including by researchers from the European Policies Research Centre (EPRC).

EPRC is a leading institute in Europe for comparative research on public policy, with a particular focus on regional development policies. Spanning 30 European countries, EPRC research programmes have a strong emphasis on applied research and knowledge exchange, including the provision of policy advice to EU institutions and national and sub-national government authorities throughout Europe.

Explore research outputs by the European Policies Research Centre...

Cybersecurity and the unbearability of uncertainty

Renaud, Karen and Weir, George R S (2016) Cybersecurity and the unbearability of uncertainty. In: 2016 Cybersecurity and Cyberforensics Conference (CCC). Institute of Electrical and Electronics Engineers Inc., Piscataway, NJ, pp. 137-143. ISBN 9781509026579

[img]
Preview
Text (Renaud-Weir-CCC-2016-Cybersecurity-and-the-unbearability)
Renaud_Weir_CCC_2016_Cybersecurity_and_the_unbearability.pdf - Accepted Author Manuscript

Download (408kB) | Preview

Abstract

Cyber criminals increasingly target Small and Medium Sized Businesses (SMEs) since they are perceived to have the weakest defences. Some will not survive a cyber attack, and others will have their ability to continue trading seriously impaired. There is compelling evidence that, at present, SMEs do not seem to be implementing all the advisable security measures which could help them to resist such attacks. Many in the security industry believe that this is because SMEs do not take the threat seriously. This paper reports on a study to find out whether this is the case, or not. The primary finding is that most SMEs do care about the threat but that very few implement even a small subset of the available security precautions. One contributory factor seemed to be the uncertainty caused by the wealth of conflicting and confusing online advice offered by industry and official bodies. This seemed to be hindering rather than helping SMEs so that they did not know what actions to take to improve their resilience. The conclusion is a recommendation for actions to be taken to better inform SMEs and help them to secure their systems more effectively.