Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach
<div><p>Information-technology (IT) security standards are regularly updated in a rapidly changing technological world to maintain pace with advanced technologies. This study was motivated by the realization that established IT risk-management frameworks might provide an adequate defence...
محفوظ في:
| المؤلف الرئيسي: | |
|---|---|
| مؤلفون آخرون: | |
| منشور في: |
2023
|
| الموضوعات: | |
| الوسوم: |
إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
| _version_ | 1864513526431744000 |
|---|---|
| author | Khalifa AL-Dosari (17931434) |
| author2 | Noora Fetais (16084859) |
| author2_role | author |
| author_facet | Khalifa AL-Dosari (17931434) Noora Fetais (16084859) |
| author_role | author |
| dc.creator.none.fl_str_mv | Khalifa AL-Dosari (17931434) Noora Fetais (16084859) |
| dc.date.none.fl_str_mv | 2023-08-28T03:00:00Z |
| dc.identifier.none.fl_str_mv | 10.3390/electronics12173629 |
| dc.relation.none.fl_str_mv | https://figshare.com/articles/journal_contribution/Risk-Management_Framework_and_Information-Security_Systems_for_Small_and_Medium_Enterprises_SMEs_A_Meta-Analysis_Approach/25285192 |
| dc.rights.none.fl_str_mv | CC BY 4.0 info:eu-repo/semantics/openAccess |
| dc.subject.none.fl_str_mv | Engineering Control engineering, mechatronics and robotics Electrical engineering Electronics, sensors and digital hardware cybersecurity information security risk management risk assessment |
| dc.title.none.fl_str_mv | Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach |
| dc.type.none.fl_str_mv | Text Journal contribution info:eu-repo/semantics/publishedVersion text contribution to journal |
| description | <div><p>Information-technology (IT) security standards are regularly updated in a rapidly changing technological world to maintain pace with advanced technologies. This study was motivated by the realization that established IT risk-management frameworks might provide an adequate defence for small- and medium-sized enterprises (SMEs), especially those actively adopting new technologies. We reviewed that a dynamic IT risk-management framework, updated to reflect emerging technological changes, would offer improved security and privacy for SMEs. To evaluate this, we conducted a systematic literature review spanning 2016 to 2021, focusing on IT risk-management research in various application areas. This study revealed that, while established frameworks like NIST have their benefits, they need to be better suited to the unique needs of SMEs due to their high degree of abstractness, vague guidelines, and lack of adaptability to technological advancements. The findings suggest a pressing need to evolve IT risk-management frameworks, particularly by incorporating advanced methods such as system dynamics, machine learning, and technoeconomic and sociotechnological models. These innovative approaches provide a more dynamic, responsive, and holistic approach to risk management, thereby significantly improving the IT security of SMEs. The study’s implications underscore the urgency of developing flexible, dynamic, and technology-informed IT risk-management strategies, offering novel insights into a more practical approach to IT risk management.</p><p> </p></div><h2>Other Information</h2> <p> Published in: Electronics<br> License: <a href="https://creativecommons.org/licenses/by/4.0/" target="_blank">https://creativecommons.org/licenses/by/4.0/</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.3390/electronics12173629" target="_blank">https://dx.doi.org/10.3390/electronics12173629</a></p> |
| eu_rights_str_mv | openAccess |
| id | Manara2_7ab0de485c1cdb92f629b29913e39607 |
| identifier_str_mv | 10.3390/electronics12173629 |
| network_acronym_str | Manara2 |
| network_name_str | Manara2 |
| oai_identifier_str | oai:figshare.com:article/25285192 |
| publishDate | 2023 |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| rights_invalid_str_mv | CC BY 4.0 |
| spelling | Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis ApproachKhalifa AL-Dosari (17931434)Noora Fetais (16084859)EngineeringControl engineering, mechatronics and roboticsElectrical engineeringElectronics, sensors and digital hardwarecybersecurityinformation securityrisk managementrisk assessment<div><p>Information-technology (IT) security standards are regularly updated in a rapidly changing technological world to maintain pace with advanced technologies. This study was motivated by the realization that established IT risk-management frameworks might provide an adequate defence for small- and medium-sized enterprises (SMEs), especially those actively adopting new technologies. We reviewed that a dynamic IT risk-management framework, updated to reflect emerging technological changes, would offer improved security and privacy for SMEs. To evaluate this, we conducted a systematic literature review spanning 2016 to 2021, focusing on IT risk-management research in various application areas. This study revealed that, while established frameworks like NIST have their benefits, they need to be better suited to the unique needs of SMEs due to their high degree of abstractness, vague guidelines, and lack of adaptability to technological advancements. The findings suggest a pressing need to evolve IT risk-management frameworks, particularly by incorporating advanced methods such as system dynamics, machine learning, and technoeconomic and sociotechnological models. These innovative approaches provide a more dynamic, responsive, and holistic approach to risk management, thereby significantly improving the IT security of SMEs. The study’s implications underscore the urgency of developing flexible, dynamic, and technology-informed IT risk-management strategies, offering novel insights into a more practical approach to IT risk management.</p><p> </p></div><h2>Other Information</h2> <p> Published in: Electronics<br> License: <a href="https://creativecommons.org/licenses/by/4.0/" target="_blank">https://creativecommons.org/licenses/by/4.0/</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.3390/electronics12173629" target="_blank">https://dx.doi.org/10.3390/electronics12173629</a></p>2023-08-28T03:00:00ZTextJournal contributioninfo:eu-repo/semantics/publishedVersiontextcontribution to journal10.3390/electronics12173629https://figshare.com/articles/journal_contribution/Risk-Management_Framework_and_Information-Security_Systems_for_Small_and_Medium_Enterprises_SMEs_A_Meta-Analysis_Approach/25285192CC BY 4.0info:eu-repo/semantics/openAccessoai:figshare.com:article/252851922023-08-28T03:00:00Z |
| spellingShingle | Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach Khalifa AL-Dosari (17931434) Engineering Control engineering, mechatronics and robotics Electrical engineering Electronics, sensors and digital hardware cybersecurity information security risk management risk assessment |
| status_str | publishedVersion |
| title | Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach |
| title_full | Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach |
| title_fullStr | Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach |
| title_full_unstemmed | Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach |
| title_short | Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach |
| title_sort | Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach |
| topic | Engineering Control engineering, mechatronics and robotics Electrical engineering Electronics, sensors and digital hardware cybersecurity information security risk management risk assessment |