Abstract
The resources required to establish and maintain cyber security often results in Small and Medium Enterprises (SMEs) being left unprotected, risking not just their own but also the supply chain of other larger organisations. A number of security certifications for SMEs have been proposed, but how effective are these schemes? We conducted the first effectiveness evaluation of one such scheme, Cyber Essentials, and found that its security controls seem to work well to mitigate the threats they were designed for, i.e.,
those threats exploiting vulnerabilities remotely with commodity-level tools. The results may also be applicable to other schemes for SMEs around the globe that share/include the same security controls.
those threats exploiting vulnerabilities remotely with commodity-level tools. The results may also be applicable to other schemes for SMEs around the globe that share/include the same security controls.
Original language | English |
---|---|
Pages (from-to) | 21-31 |
Journal | Computer |
Volume | 52 |
Issue number | 4 |
DOIs | |
Publication status | Published - 16 Apr 2019 |
Bibliographical note
The acceptance date for this record is provisional and based upon the month of publication for the article.Research Groups and Themes
- Cyber Security