Litcius/Paper detail

Cyber risk assessment in small and medium‐sized enterprises: A multilevel decision‐making approach for small e‐tailors

Arun Sukumar, Hannan Amoozad Mahdiraji, Vahid Jafari‐Sadeghi

2023Risk Analysis57 citationsDOIOpen Access PDF

Abstract

The role played by information and communication technologies in today's businesses cannot be underestimated. While such technological advancements provide numerous advantages and opportunities, they are known to thread organizations with new challenges such as cyberattacks. This is particularly important for small and medium-sized enterprises (SMEs) that are deemed to be the least mature and highly vulnerable to cybersecurity risks. Thus, this research is set to assess the cyber risks in online retailing SMEs (e-tailing SMEs). Therefore, this article employs a sample of 124 small e-tailers in the United Kingdom and takes advantage of a multi-criteria decision analysis (MCDA) method. Indeed, we identified a total number of 28 identified cyber-oriented risks in five exhaustive themes of "security," "dependency," "employee," "strategic," and "legal" risks. Subsequently, an integrated approach using step-wise weight assessment ratio analysis (SWARA) and best-worst method (BWM) has been employed to develop a pathway of risk assessment. As such, the current study outlines a novel approach toward cybersecurity risk management for e-tailing SMEs and discusses its effectiveness and contributions to the cyber risk management literature.

Topics & Concepts

Multiple-criteria decision analysisRisk managementBusinessRisk analysis (engineering)Dependency (UML)Risk assessmentSmall and medium-sized enterprisesComputer securityComputer scienceOperations researchEngineeringFinanceSoftware engineeringInformation and Cyber SecuritySupply Chain Resilience and Risk ManagementSoftware Engineering Techniques and Practices
Cyber risk assessment in small and medium‐sized enterprises: A multilevel decision‐making approach for small e‐tailors | Litcius