Exploring the economic role of cybersecurity in SMEs: A case study of the UK

IF 10.1 1区 社会学 Q1 SOCIAL ISSUES
Marta F. Arroyabe , Carlos F.A. Arranz , Ignacio Fernandez De Arroyabe , Juan Carlos Fernandez de Arroyabe
{"title":"Exploring the economic role of cybersecurity in SMEs: A case study of the UK","authors":"Marta F. Arroyabe ,&nbsp;Carlos F.A. Arranz ,&nbsp;Ignacio Fernandez De Arroyabe ,&nbsp;Juan Carlos Fernandez de Arroyabe","doi":"10.1016/j.techsoc.2024.102670","DOIUrl":null,"url":null,"abstract":"<div><p>This study explores the economic role of cybersecurity in Small and Medium Enterprises (SMEs), situating cybersecurity within the framework of merit-goods within the economic theory of market failures and public goods. By examining 240 SMEs across the UK, the empirical findings of this investigation underscore its classification as a merit-good due to its extensive social benefits and the critical gap in its optimal provision. The results confirm the existence of market failure, such as the lack and asymmetry of information regarding cybersecurity, acknowledging the myopia and lack of information within SMEs, leading to suboptimal implementation of cybersecurity. Moreover, the lack of optimal implementation is evidenced by the findings indicating that neither cybersecurity incidents nor cybersecurity impacts in SMEs drive the implementation of cybersecurity. Additionally, we observe that implementation is more focused on control systems than on management systems, which is a significant differentiating factor from large enterprises. The study contributes theoretically by framing cybersecurity as a merit-good, provides managerial insights into SME cybersecurity practices, and emphasizes the importance of nuanced policies to bridge the implementation gap.</p></div>","PeriodicalId":47979,"journal":{"name":"Technology in Society","volume":"78 ","pages":"Article 102670"},"PeriodicalIF":10.1000,"publicationDate":"2024-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0160791X24002185/pdfft?md5=26eff34ef08df1aedd9d2f4694cbee5d&pid=1-s2.0-S0160791X24002185-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Technology in Society","FirstCategoryId":"90","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0160791X24002185","RegionNum":1,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"SOCIAL ISSUES","Score":null,"Total":0}
引用次数: 0

Abstract

This study explores the economic role of cybersecurity in Small and Medium Enterprises (SMEs), situating cybersecurity within the framework of merit-goods within the economic theory of market failures and public goods. By examining 240 SMEs across the UK, the empirical findings of this investigation underscore its classification as a merit-good due to its extensive social benefits and the critical gap in its optimal provision. The results confirm the existence of market failure, such as the lack and asymmetry of information regarding cybersecurity, acknowledging the myopia and lack of information within SMEs, leading to suboptimal implementation of cybersecurity. Moreover, the lack of optimal implementation is evidenced by the findings indicating that neither cybersecurity incidents nor cybersecurity impacts in SMEs drive the implementation of cybersecurity. Additionally, we observe that implementation is more focused on control systems than on management systems, which is a significant differentiating factor from large enterprises. The study contributes theoretically by framing cybersecurity as a merit-good, provides managerial insights into SME cybersecurity practices, and emphasizes the importance of nuanced policies to bridge the implementation gap.

探索网络安全在中小企业中的经济作用:英国案例研究
本研究探讨了网络安全在中小型企业(SMEs)中的经济作用,将网络安全置于市场失灵和公共物品经济理论中的优点物品框架内。通过对英国 240 家中小型企业的调查,本研究的实证结果强调了网络安全属于公益物品,因为它具有广泛的社会效益,而且在最佳提供方面存在严重差距。结果证实了市场失灵的存在,如网络安全信息的缺乏和不对称,承认了中小企业的近视和信息匮乏,从而导致网络安全的次优实施。此外,研究结果表明,无论是网络安全事件还是网络安全对中小企业的影响都不会推动网络安全的实施,这也证明了网络安全的实施效果不理想。此外,我们还发现,实施工作更侧重于控制系统而非管理系统,这是与大型企业的一个重要区别因素。本研究将网络安全视为一种优点,为中小企业网络安全实践提供了管理见解,并强调了细微政策对于弥合实施差距的重要性,从而在理论上做出了贡献。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
17.90
自引率
14.10%
发文量
316
审稿时长
60 days
期刊介绍: Technology in Society is a global journal dedicated to fostering discourse at the crossroads of technological change and the social, economic, business, and philosophical transformation of our world. The journal aims to provide scholarly contributions that empower decision-makers to thoughtfully and intentionally navigate the decisions shaping this dynamic landscape. A common thread across these fields is the role of technology in society, influencing economic, political, and cultural dynamics. Scholarly work in Technology in Society delves into the social forces shaping technological decisions and the societal choices regarding technology use. This encompasses scholarly and theoretical approaches (history and philosophy of science and technology, technology forecasting, economic growth, and policy, ethics), applied approaches (business innovation, technology management, legal and engineering), and developmental perspectives (technology transfer, technology assessment, and economic development). Detailed information about the journal's aims and scope on specific topics can be found in Technology in Society Briefings, accessible via our Special Issues and Article Collections.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信