Wolf-proof brick house? Information security of SMEs in Hungary
DOI:
https://doi.org/10.14267/VEZTUD.2023.09.04Keywords:
information security, SME, cluster analysisAbstract
IT and information security are as important in the life of SMEs as an oasis in the desert. The level of security contributes greatly to the competitiveness of companies, an area that is strongly under-represented in the SME sector. The study seeks to answer the question of whether it can really be observed that urgent digitisation has a negative impact on the level of information security in the life of SMEs in Hungary. The trends related to information security and data protection can be compared in Hungary and the European Union, showing the backwardness of the area. The study presents the results of Digimeter’s 2020, 2021 and 2022 quantitative research, and also processes public data from the Digital Economy and Society Index (DESI ) and other available indexes. The expected results of the research confirm that the immaturity of information security is clearly visible in Hungary.
Downloads
References
A digitális gazdaság és társadalom fejlettségét mérő mutató, 2022 Magyarország. https://hungary.representation.ec.europa.eu/digitalis-gazdasag-es-tarsadalom-fejlettseget-mero-mutato-2022-altalaban-veve-javult-helyzet-2022-07-28_hu
Abroshan, H., Devos, J., Poels, G., & Laermans, E. (2021). Phishing happens beyond technology: The effects of human behaviors and demographics on each step of a phishing process. IEEE Access, 9, 44928-44949. https://doi.org/10.1109/ACCESS.2021.3066383
Bakumenko, L. P., & Minina, E. A. (2020). International Index of Digital Economy and Society (I-DESI): Trends in the Development of Digital Technologies. Statistics and Economics, 17(2), 40-54. https://doi.org/10.21686/2500-3925-2020-2-40-54
Baxter, P., & Jack, S. (2008). Qualitative case study methodology: study design and implementation for novice researchers. The Qualitative Report, 13(4), 544-559. https://doi.org/10.46743/2160-3715/2008.1573
Boletsis, C., Ragnhild, H., Pickering, J., Stephen, P., & Surridge, M. (2021). Cybersecurity for SMEs: Introducing the human element into socio-technical cybersecurity risk assessment. In Hurter, C., Purchase, H., Braz, J., & Bouatoch, K. (Eds.), Proceedings of the 16th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications, SciTePress (pp. 266-274). https://doi.org/10.5220/0010332902660274
Bruggemann, R., Koppatz, P., Scholl, M., & Schuktomow, R. (2022). Global Cybersecurity Index (GCI) and the Role of its 5 Pillars. Social Indicators Research, 159, 125–143. https://doi.org/10.1007/s11205-021-02739-y
Bryan, L. L. (2020). Effective information security strategies for small business. International Journal of Cyber Criminology, 14(1), 341-360. http://doi.org/10.5281/zenodo.3760328
Cisco. (2017). Annual CyberSecurity Report. https://learningnetwork.cisco.com/s/contentdocu-ment/0693i000001r6FtAAI
Craigen, D., Diakun-Thibault, N., & Purse, R. (2014). Defining Cybersecurity. Technology Innovation Management Review, 4(10), 13-21. http://doi.org/10.22215/timreview/835
Creswell, J. W. (2003). Research design: Qualitative, quantitative, and mixed methods approaches (2nd ed.). Thousand Oaks: Sage. https://www.ucg.ac.me/skladiste/blog_609332/objava_105202/fajlovi/Creswell.pdf
Cseh G. (2019). Digitális Gazdaság és Társadalom Index – Magyarország európai uniós teljesítménye a digitalizált világban. https://www.researchgate.net/profile/Gergely-Cseh-Zelina/publication/338140204_Digitalis_Gazdasag_es_Tarsadalom_Index_-Magyarorszag_Europai_Unios_teljesitmenye_a_digitalizalt_vilagban_KEZIRAT_-_PREPRINT/links/5e01eeb74585159aa495de3f/Digitalis-Gazdasag-es-Tarsadalom-Index-Magyarorszag-Europai-Unios-teljesitmenye-a-digitalizalt-vilagban-KEZIRAT-PREPRINT.pdf
Csótó, M. (2019). Mérni annyi, mint tudni? Az elektronikus közigazgatás közösségi mérőszámairól. Vezetéstudomány, 50(2), 14-31. https://doi.org/10.14267/VEZTUD.2019.02.02
Demeter K., Losonci, D., & Takács, O. (2019). Az ipar 4.0 hatásainak nyomában – a magyarországi járműipar elemzése. Közgazdasági Szemle, 66(2), 185-218. http://dx.doi.org/10.18414/KSZ.2019.2.185
DESI (2022). A digitális gazdaság és társadalom indexe (DESI). https://digital-strategy.ec.europa.eu/hu/policies/ desi
DHS. (2014). A glossary of common cybersecurity terminology. National Initiative for Cybersecurity Careers and Studies: Department of Homeland Security. October 1. http://niccs.us-cert.gov/glossary#letter_c
Digiméter. (2023). Digiméter jelentés 2022. https://digimeter.hu/wp-content/uploads/2023/02/Digimeter-2022-jelentes.pdf
Edmondson, A., & McManus, S. (2007). Methodological fit in management field research. Academy of Management Review, 32(4), 1155-1179. https://doi.org/10.5465/AMR.2007.26586086
Farahbod, K., Shayo, C., & Varzandeh, J. (2020). Cybersecurity indices and cybercrime annual loss and economic impacts. Journal of Business and Behavioral Sciences, 32(1), 63-71. http://asbbs.org/files/2020/JBBS_32.1_Spring_2020.pdf#page=63
Gerda, B., & Regina, R. (2022). A vállalkozások és a digitális fejlődés. In Baráth N. & Mezei J. (Eds.), Rendészet – Tudomány – Aktualitások, A rendészettudomány a fiatal kutatók szemével, Konferenciakötet, (pp. 82-97). Doktoranduszok Országos Szövetsége. https://tudasportal.uni-nke.hu/xmlui/bitstream/handle/20.500.12944/18611/RTA%202022.pdf?sequence=1&isAllowed=yGlobalCybersecurityIndex2020.(2021).InternationalTelecommunicationUnion https://www.itu.int/epublications/publication/D-STR-GCI.01-2021-HTM-E?fbclid=IwAR0po3BCP_jjWUxMIOJCNK1Y4WxNAGWkIqbso_grf2zQ_1V2bA3tZssOoW4
Hemant, P., Chawande, N. P., Sonule, A., & Wani, H. (2011). Development of servers in cloud computing to solve issues related to security and backup. In 2011 IEEE International Conference on Cloud Computing and Intelligence Systems (pp. 158-163). IEEE. https://doi.org/10.1109/CCIS.2011.6045052
International Organization for Standardization. (2020). Information technology – Security techniques – Information security management systems – Requirements. ISO/IEC 27001:2013. ISO. https://www.iso.org/standard/27001
ITU.(2009).Overview of Cyber security. Recommendation ITU-T X.1205. Geneva: International TelecommunicationUnion (ITU). http://www.itu.int/rec/T-RECX.1205-200804-I/en
Kaila, U. (2018). Information security best practices: First steps for Startups and SMEs. Technology Innovation Management Review, 8(11), 32-42. https://doi.org/10.22215/timreview/1198
Khanvilkar, S., & Khokhar, A. (2004). Virtual private networks: an overview with performance evaluation.
IEEE Communications Magazine, 42(10), 146-154. https://doi.org/10.1109/MCOM.2004.1341273
Ključnikov, A., Mura, L., & Sklenár, D. (2019). Information security management in SMEs: factors of success. Entrepreneurship and Sustainability Issues, 6(4), 2081-2094. https://doi.org/10.9770/jesi.2019.6.4(37)
Kravets, V. (2019). Comparative analysis of the cybersecurity indices and their applications. Theoretical and Applied Cybersecurity, 1(1), 97-102. https://doi.org/10.20535/tacs.2664-29132019.1.169090
Lewis, M. (2006). Comparing, Designing, and Deploying VPNs. Cisco Press.
Mackenzie, N., & Knipe, S. (2006). Research dilemmas: Paradigms, methods and methodology. Issues in Educational Research, 16, 193-205. http://www.iier.org.au/iier16/mackenzie.html
Mertens, D. M. (2005). Research methods in education and psychology: Integrating diversity with quantitative and qualitative approaches (2nd ed.). Sage.
Michelberger, P., & Lábodi, Cs. (2012). Vállalati információbiztonság szervezése. In Vállalkozásfejlesztés a XXI. században II. (pp. 241-302)., Óbuda University, Keleti Faculty of Business and Management. https://docplayer.hu/3431306-Vallalati-informaciobiztonsag-szervezese.html
Mirkovic, J., & Reiher, P. (2004). A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Computer Communication Review, 34(2), 39–53. https://doi.org/10.1145/997150.997156
Mullarkey, M. T., & Hevner, A. R. (2018). An elaborated action design research process model. European Journal of Information Systems, 28(1). 6-20. https://doi.org/10.1080/0960085X.2018.1451811
National Cyber Security Index (2023). https://ncsi.ega.ee/indicators/
Naylor, D., Finamore, A., Leontiadis, I., Grunenberger, Y., Mellia, M., Munafò, M., Papagiannaki, K., & Steenk Proceedings of the 10th ACM International on Conference on emerging Networking Experiments and Technologies (CoNEXT ‚14) (pp. 133–140). ACM. https://doi.org/10.1145/2674005.2674991
Nehrey, M., Voronenko, I., & Salem, A. B. M. (2022). Cybersecurity Assessment: World and Ukrainian Experience. In 2022 12th International Conference on Advanced Computer Information Technologies (ACIT) (pp. 335-340). IEEE. https://doi.org/10.1109/ACIT54803.2022.9913081
Nemeslaki, A., & Sasvári, P. (2014). Az információbiztonság- tudatosság empirikus vizsgálata a magyar üzleti és közszférában. Infokommunikáció és Jog, 60(4), 169-177. https://infojog.hu/wp-content/uploads/pdf/201460_NemeslakiAndras_SasvariPeter.pdf
Pfeiffer, U. (2022). Eine starke Unternehmenskultur minimiert Cyberrisiken. Digitale Welt, 6, 24–27. https://doi.org/10.1007/s42354-022-0429-x
Porter Felt, A., Barnes, R., King, A., Palmer, C., Bentzel, C., & Tabriz, P. (2017). Measuring HTTPS adoption on the web. In Proceedings of the 26th USENIX Conference on Security Symposium (SEC’17) ( pp. 1323– 1338). ACM. https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-felt.pdf
Ratchford, M., El-Gayar, O., Noteboom, C., & Wang, Y. (2022). BYOD security issues: A systematic literature review. Information Security Journal: A Global Perspective, 31(3), 253–273. https://doi.org/10.1080/19393555.2021.1923873
Romanosky, S., Telang, R., & Acquisti, A. (2011). Do data breach disclosure laws reduce identity theft? Journal of Policy Analysis and Management, 30(2), 256–286. http://www.jstor.org/stable/23018983
Sadok, M., Alter, S., & Bednar, P. (2020). It is not my job: exploring the disconnect between corporate security policies and actual security practices in SMEs. Information and Computer Security, 28(3), 467-483. https://doi.org/10.1108/ICS-01-2019-0010
Schatz, D., Bashroush, R., & Wall, J. (2017). Towards a more representative definition of cyber security. Journal of Digital Forensics, Security and Law, 12(2), 53- 74. https://doi.org/10.15394/jdfsl.2017.1476
Sharma, D. H., Dhote, C. A., & Potey, M. M. (2016). Identity and Access Management as Security-as-a-Service from Clouds. Procedia Computer Science, 79, 170– 174. https://doi.org/10.1016/j.procs.2016.03.117
Simmonds, M. (2017). How businesses can navigate the growing tide of ransomware attacks. Computer Fraud & Security, (3), 9-12. https://doi.org/10.1016/S1361-3723(17)30023-4
Simon, J. (2006). A klaszterelemzés alkalmazási lehetőségei a marketingkutatásban. Statiszikai Szemle, 84(7), 627-650. https://www.ksh.hu/statszemle_archive/2006/2006_07/2006_07_627.pdf
Smartcommerce Consulting, Reacty Digital, Virgo & Enet. (2020). Digiméter [Online]. https://digimeter.hu/
Tanenbaum, A. S., & Wetherall, D. J. (2013). Számítógép-hálózatok. Panem Kiadó. Venkateswaran, R. (2001). Virtual private networks. IEEE Potentials, 20(1), 11-15. https://doi.org/10.1109/45.913204
von Solms, B., & von Solms, R. (2018). Cybersecurity and information security – what goes where? Information and Computer Security, 26(1), 2-9. https://doi.org/10.1108/ICS-04-2017-0025
Yildirim, M., & Mackie, I. (2019). Encouraging users to improve password security and memorability. International Journal of Information Security, 18(12), 741-759. https://doi.org/10.1007/s10207-019-00429-y
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2023 Vezetéstudomány / Budapest Management Review
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors assign copyright to Vezetéstudomány / Budapest Management Review. Authors are responsible for permission to reproduce copyright material from other sources.
