{"title":"发展中国家的小企业如何看待数字时代的网络安全风险:印尼案例","authors":"Ratna Yudhiyati, Afrida Putritama, Diana Rahmawati","doi":"10.1108/jices-03-2021-0035","DOIUrl":null,"url":null,"abstract":"\nPurpose\nThis study aims to identify and analyse the issues faced by internet-based small businesses in developing countries regarding cybersecurity and document how these businesses address the risks.\n\n\nDesign/methodology/approach\nThis study used the qualitative method. Respondents were internet-based small businesses selected by using theoretical sampling. Data were collected by using interviews and observations. The validity of the analysis was ensured by using triangulation and member checking.\n\n\nFindings\nThis study reveals that small businesses managed to identify the loss of physical and monetary assets as possible damage. However, only a few businesses identified loss of intangible assets as possible cyber risks. Most small businesses had used basic cybersecurity measures to protect data access and some primary business activities. Unfortunately, they rarely take initiatives in preventing and early detecting cyber risks.\n\n\nResearch limitations/implications\nFindings of this study cannot be generalised as it aims to obtain new insights and document unexplored findings. Thus, if this study’s findings are going to be generalised, it is necessary to conduct an additional study. Secondly, this study did not assess how far small business had fulfilled the relevant information security framework as assessment required additional research, and this study only aimed to map the current situation in small businesses.\n\n\nPractical implications\nThis study emphasised the importance of identifying valuable assets or resources when implementing cybersecurity measures. Focusing on security measures to protect identified assets from cyber risk will make the efforts more efficient and effective than using standardised cybersecurity measures. Third-party developers can also use this study to understand small businesses’ current cybersecurity implementation and their characters to design online platforms that suit these needs. Governments can also design educational activities that address small businesses’ lack of knowledge.\n\n\nOriginality/value\nMost studies which focus on small businesses and information technology (IT) usually only discuss how they use IT. This study also brings new contributions by focusing on developing countries and specifically addresses internet-based technology cyber risk faced by e-commerce businesses. The qualitative method is used as most studies in e-commerce adoption were positivistic in nature, and inductive-based studies were rarely found on the topic.\n","PeriodicalId":156416,"journal":{"name":"J. Inf. Commun. Ethics Soc.","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"What small businesses in developing country think of cybersecurity risks in the digital age: Indonesian case\",\"authors\":\"Ratna Yudhiyati, Afrida Putritama, Diana Rahmawati\",\"doi\":\"10.1108/jices-03-2021-0035\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"\\nPurpose\\nThis study aims to identify and analyse the issues faced by internet-based small businesses in developing countries regarding cybersecurity and document how these businesses address the risks.\\n\\n\\nDesign/methodology/approach\\nThis study used the qualitative method. Respondents were internet-based small businesses selected by using theoretical sampling. Data were collected by using interviews and observations. The validity of the analysis was ensured by using triangulation and member checking.\\n\\n\\nFindings\\nThis study reveals that small businesses managed to identify the loss of physical and monetary assets as possible damage. However, only a few businesses identified loss of intangible assets as possible cyber risks. Most small businesses had used basic cybersecurity measures to protect data access and some primary business activities. Unfortunately, they rarely take initiatives in preventing and early detecting cyber risks.\\n\\n\\nResearch limitations/implications\\nFindings of this study cannot be generalised as it aims to obtain new insights and document unexplored findings. Thus, if this study’s findings are going to be generalised, it is necessary to conduct an additional study. Secondly, this study did not assess how far small business had fulfilled the relevant information security framework as assessment required additional research, and this study only aimed to map the current situation in small businesses.\\n\\n\\nPractical implications\\nThis study emphasised the importance of identifying valuable assets or resources when implementing cybersecurity measures. Focusing on security measures to protect identified assets from cyber risk will make the efforts more efficient and effective than using standardised cybersecurity measures. Third-party developers can also use this study to understand small businesses’ current cybersecurity implementation and their characters to design online platforms that suit these needs. Governments can also design educational activities that address small businesses’ lack of knowledge.\\n\\n\\nOriginality/value\\nMost studies which focus on small businesses and information technology (IT) usually only discuss how they use IT. This study also brings new contributions by focusing on developing countries and specifically addresses internet-based technology cyber risk faced by e-commerce businesses. The qualitative method is used as most studies in e-commerce adoption were positivistic in nature, and inductive-based studies were rarely found on the topic.\\n\",\"PeriodicalId\":156416,\"journal\":{\"name\":\"J. Inf. Commun. Ethics Soc.\",\"volume\":\"31 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-08-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"J. Inf. Commun. Ethics Soc.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1108/jices-03-2021-0035\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"J. Inf. Commun. Ethics Soc.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/jices-03-2021-0035","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
What small businesses in developing country think of cybersecurity risks in the digital age: Indonesian case
Purpose
This study aims to identify and analyse the issues faced by internet-based small businesses in developing countries regarding cybersecurity and document how these businesses address the risks.
Design/methodology/approach
This study used the qualitative method. Respondents were internet-based small businesses selected by using theoretical sampling. Data were collected by using interviews and observations. The validity of the analysis was ensured by using triangulation and member checking.
Findings
This study reveals that small businesses managed to identify the loss of physical and monetary assets as possible damage. However, only a few businesses identified loss of intangible assets as possible cyber risks. Most small businesses had used basic cybersecurity measures to protect data access and some primary business activities. Unfortunately, they rarely take initiatives in preventing and early detecting cyber risks.
Research limitations/implications
Findings of this study cannot be generalised as it aims to obtain new insights and document unexplored findings. Thus, if this study’s findings are going to be generalised, it is necessary to conduct an additional study. Secondly, this study did not assess how far small business had fulfilled the relevant information security framework as assessment required additional research, and this study only aimed to map the current situation in small businesses.
Practical implications
This study emphasised the importance of identifying valuable assets or resources when implementing cybersecurity measures. Focusing on security measures to protect identified assets from cyber risk will make the efforts more efficient and effective than using standardised cybersecurity measures. Third-party developers can also use this study to understand small businesses’ current cybersecurity implementation and their characters to design online platforms that suit these needs. Governments can also design educational activities that address small businesses’ lack of knowledge.
Originality/value
Most studies which focus on small businesses and information technology (IT) usually only discuss how they use IT. This study also brings new contributions by focusing on developing countries and specifically addresses internet-based technology cyber risk faced by e-commerce businesses. The qualitative method is used as most studies in e-commerce adoption were positivistic in nature, and inductive-based studies were rarely found on the topic.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
