SMEs and cyber security

Karen Renaud, Jacques Ophoff

Research output: Contribution to specialist publicationArticle


It is well known that Small and Medium Enterprises (SMEs) are being targeted by cyber criminals, and that many fall victim to attacks. We carried out an investigation, funded by the Scottish Government, to find out what the state of play was for UK SMEs. We surveyed 361 small businesses (with fewer than 250 employees) across the UK to determine their experience of attacks, attitudes towards cyber security, and to assess their current practices in terms of controls they implement and precautions they take in the cyber domain. We asked them several questions to assess their “cyber situational awareness”, based on Endsley’s (1985) theory[1]. Our questions were aimed at assessing SMEs’ awareness of:

The reality of cyber security threats.
The precautions and controls they could take.
The need to act upon their knowledge.
Original languageEnglish
Specialist publicationCyber Insights Magazine
PublisherGlobal Foundation for Cyber Studies and Research (GFCyber)
Publication statusPublished - 27 Jul 2021


Dive into the research topics of 'SMEs and cyber security'. Together they form a unique fingerprint.

Cite this