Henson, Richard and Garfield, Joy (2016) What Attitude Changes Are Needed to Cause SMEs to Take a Strategic Approach to Information Security? Athens Journal of Business and Economics, 2 (3). pp. 303-318. ISSN Online: 2241-794X
Preview |
Text
2015-1-X-Y-Henson.pdf - Accepted Version Available under License Creative Commons Attribution Non-commercial. Download (370kB) | Preview |
Abstract
Spending on security in an SME usually has to compete with demands for hardware, infrastructure, and strategic applications. In this paper, the authors seek to explore the reasons why smaller SMEs in particular have consistently failed to see securing information as strategic year-on-year spending, and just regard as part of an overall tight IT budget. The authors scrutinise the typical SMEs reasoning for choosing to see non-spending on security as an acceptable strategic risk. They look particularly at possible reasons why SMEs tend not to take much notice of "scare stories" in the media based on research showing they are increasingly at risk, whilst larger businesses are taking greater precautions and become more difficult to penetrate. The results and their analysis provide useful pointers towards broader business environment changes that would cause SMEs to be more risk-averse and ethical in their approach to securing their own and their clients’ information.
Item Type: | Article |
---|---|
Additional Information: | The full-text of the online published article can be accessed via the Official URL. |
Uncontrolled Discrete Keywords: | data protection legislation, economics of information security, information security management systems, ISO2700, SME |
Subjects: | K Law > K Law (General) T Technology > T Technology (General) |
Divisions: | College of Business, Psychology and Sport > Worcester Business School |
Related URLs: | |
Depositing User: | Joy Garfield |
Date Deposited: | 05 Apr 2016 08:54 |
Last Modified: | 17 Jun 2020 17:09 |
URI: | https://eprints.worc.ac.uk/id/eprint/4248 |
Actions (login required)
View Item |