Document Type
Capstone Project
Publication Date
7-2025
Publication Title
Proceedings of the 2025 8th International Conference on Software Engineering and Information Management
Keywords
trust frameworks, security requirements, small to medium enterprises, vulnerabilities, threats, cybersecurity
Abstract
This study examines the cybersecurity policies, practices, and preparedness of small and medium-sized enterprises (SMEs) in Central Illinois, focusing on how they align with established standards. Through a detailed literature review and a survey, the research identifies common cyber threats faced by SMEs and evaluates their current cybersecurity measures. Key findings reveal that many SMEs, despite being vulnerable due to their integration of Industry 4.0 technologies, lack comprehensive incident detection and response systems. The study underscores the necessity for improved cybersecurity awareness among all levels of SME staff, including CEOs, managers, and employees. Recommendations are proposed to enhance collective cybersecurity readiness and threat detection, aiming to bolster the overall resilience of SMEs against cyber threats.
Funding Source
This research was funded by the Office of Student Research at Illinois State University. This proceeding was published Open Access thanks to a transformative agreement between Milner Library and ACM.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.
DOI
10.1145/3725899.3725926
Recommended Citation
Clark, A., & Mujeye, S. (2025). A Critical Analysis of SME Cybersecurity Policies and Practices. Proceedings of the 2025 8th International Conference on Software Engineering and Information Management, 178–183. https://doi.org/10.1145/3725899.3725926
Comments
First published in Proceedings of the 8th International Conference on Software Engineering and Information Management (2025): https://doi.org/10.1145/3725899.3725926