University of Twente Student Theses

Login

Protecting Small and Medium Enterprises : A Specialized Cybersecurity Risk Assessment Framework and Tool.

Mirza, Zuhayr Aamir (2024) Protecting Small and Medium Enterprises : A Specialized Cybersecurity Risk Assessment Framework and Tool.

[img] PDF
2MB
Abstract:As the number of small and medium enterprises (SMEs) rises in the world, the amount of sensitive data used also increases, making them targets for cyberattacks. SMEs face a host of issues such as lack of resources, and poor cybersecurity talent, resulting in multiple vulnerabilities which increases overall risk. Cybersecurity risk assessment frameworks have been developed by multiple organisations such as the National Institute of Science and Technology (NIST) and the International Organization for Standardization (ISO), but they are complicated to understand, and challenging to implement. This research aimed to create an effective cyber-security risk assessment framework specifically for SMEs, while considering their limitations. This was achieved by first identifying common threats and vulnerabilities and categorizing them according to their importance, and risk. Secondly, popular frameworks like the NIST CSF and ISO 27001/2 were analyzed for their proficiencies and deficiencies while identifying relevant areas for SMEs. Finally, novel techniques catered to SMEs were explored and incorporated to create an effective framework for SMEs. This framework was also developed in the form of a tool, providing an interactive and dynamic environment. The tool was effective and the framework is a promising start but requires more quantitative analysis
Item Type:Essay (Bachelor)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Business & IT BSc (56066)
Link to this item:https://purl.utwente.nl/essays/100866
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page