Cybersecurity, cyber insurance and small-to-medium-sized enterprises: a systematic Review
Abstract
Purpose
This study aims to offer insights into the state of research covering cybersecurity, cyber insurance and small- to medium-sized enterprises (SMEs). It examines benefits of insurance to an SME’s security posture, challenges faced, and potential solutions and outstanding research questions.
Design/methodology/approach
Research objectives were formulated, and the Preferred Reporting Items for Systematic Reviews and Meta-Analyses Protocol was used to perform a systematic literature review (SLR). A total of 19 papers were identified from an initial set of 451.
Findings
This research underscores the role of cybersecurity in the value proposition of cyber insurance for SMEs. The findings highlight the benefits that cyber insurance offers SMEs including protection against cyber threats, financial assistance and access to cybersecurity expertise. However, challenges hinder SME’s engagement with insurance, including difficulties in understanding cyber risk, lack of cybersecurity knowledge and complex insurance policies. Researchers recommend solutions, such as risk assessment frameworks and government intervention, to increase cyber insurance uptake/value to SMEs.
Research limitations/implications
There is a need for further research in the risk assessment and cybersecurity practices of SMEs, the influence of government intervention and the effectiveness of insurers in compensating for losses. The findings also encourage innovation to address the unique needs of SMEs. These insights can guide future research and contribute to enhancing cyber insurance adoption.
Originality/value
To the best of the authors’ knowledge, this is the first SLR to comprehensively examine the intersection of cybersecurity and cyber insurance specifically in the context of SMEs.
Keywords
Citation
Adriko, R. and Nurse, J.R.C. (2024), "Cybersecurity, cyber insurance and small-to-medium-sized enterprises: a systematic Review", Information and Computer Security, Vol. ahead-of-print No. ahead-of-print. https://doi.org/10.1108/ICS-01-2024-0025
Publisher
:Emerald Publishing Limited
Copyright © 2024, Emerald Publishing Limited