A Review of the Current Cyber Hygiene in Small and Medium-sized Businesses
Tabisa Ncubukezi, Laban Mwansa, Francois Rocaries
Abstract
The Internet's increased convenient usage has equally granted access to cyber hackers, which quantified cybercrimes. Small and medium-sized businesses (SMB) have become victims of cybercrimes and have negatively affected SMBs' cyber hygiene. The continual practice of good cyber hygiene improves and balances the health of business assets such as hardware devices, people, and software applications. To this end, the level of the hygiene of cybersecurity in the SMBs is still not clear. The paper reports the current cyber health status in SMBs. Our work also examines cyber threats experienced by SMBs, reviewing the use of relevant security measures and their extent of the implementation to maintain good cyber hygiene. The study selected 30 SMB participants in the Western Cape (WC) province, South Africa using purposive sampling. The work used an open-ended online qualitative survey and interviews as the data-collection methods. The collected evidence was analyzed using narrative analysis. The findings revealed that cybersecurity hygiene in SMBs varies from one business sector to the other. The absence of detailed rules, standards, procedures, and guidelines to promote good cybersecurity hygiene leads to poor cyber hygiene in SMBs. Results further showed the limitations of the use of current security measures and their practice. Also, SMBs' employees have minimal knowledge about handling cyber-attacks, thus resulting in significant shortcomings. The study recommended the best ways to maintain good cyber hygiene.