Complex Systems Informatics and Modeling Quarterly

Like most companies, small and medium-sized enterprises (SMEs) have become reliant on digital technology for their day-to-day business operations. While valuable, this comes with challenges; one of which is the rise in cybercrime. In terms of their cybersecurity resilience and risk, SMEs are among the most vulnerable and least mature. This article addresses a gap in the literature that has neglected cybersecurity readiness in SMEs. The study proposes a CyberSecurity Readiness Model for SMEs (CSRM-SME) based on a Socio-Technical view of organizations. The model was applied to three SMEs to assess their cybersecurity readiness and further understand the environment and strategies adopted to prevent and manage cyber-attacks.