To read this content please select one of the options below:

Cybersecurity, cyber insurance and small-to-medium-sized enterprises: a systematic Review

Rodney Adriko (Institute of Cyber Security for Society (ICSS), School of Computing, University of Kent, Canterbury, UK)
Jason R.C. Nurse (Institute of Cyber Security for Society (ICSS), School of Computing, University of Kent, Canterbury, UK)

Information and Computer Security

ISSN: 2056-4961

Article publication date: 25 June 2024

207

Abstract

Purpose

This study aims to offer insights into the state of research covering cybersecurity, cyber insurance and small- to medium-sized enterprises (SMEs). It examines benefits of insurance to an SME’s security posture, challenges faced, and potential solutions and outstanding research questions.

Design/methodology/approach

Research objectives were formulated, and the Preferred Reporting Items for Systematic Reviews and Meta-Analyses Protocol was used to perform a systematic literature review (SLR). A total of 19 papers were identified from an initial set of 451.

Findings

This research underscores the role of cybersecurity in the value proposition of cyber insurance for SMEs. The findings highlight the benefits that cyber insurance offers SMEs including protection against cyber threats, financial assistance and access to cybersecurity expertise. However, challenges hinder SME’s engagement with insurance, including difficulties in understanding cyber risk, lack of cybersecurity knowledge and complex insurance policies. Researchers recommend solutions, such as risk assessment frameworks and government intervention, to increase cyber insurance uptake/value to SMEs.

Research limitations/implications

There is a need for further research in the risk assessment and cybersecurity practices of SMEs, the influence of government intervention and the effectiveness of insurers in compensating for losses. The findings also encourage innovation to address the unique needs of SMEs. These insights can guide future research and contribute to enhancing cyber insurance adoption.

Originality/value

To the best of the authors’ knowledge, this is the first SLR to comprehensively examine the intersection of cybersecurity and cyber insurance specifically in the context of SMEs.

Keywords

Citation

Adriko, R. and Nurse, J.R.C. (2024), "Cybersecurity, cyber insurance and small-to-medium-sized enterprises: a systematic Review", Information and Computer Security, Vol. ahead-of-print No. ahead-of-print. https://doi.org/10.1108/ICS-01-2024-0025

Publisher

:

Emerald Publishing Limited

Copyright © 2024, Emerald Publishing Limited

Related articles