A Cyber4Dev Security Culture Model for SMMEs in South Africa
摘要
Several studies have researched the concept of cybersecurity culture, yet limited research has been done on cybersecurity culture (CSC) in developing countries (Cyber4Dev security culture) such as South Africa (SA). In SA, small, medium, and micro enterprises (SMMEs) are vital to the country’s economy, contributing more than 50% toward job creation. Nonetheless, cybersecurity has become a major issue for sub-Saharan countries’ enterprises due to the lack of capacity and resources to tackle cyber threats. Therefore SA SMMEs are facing the risk of cybercrimes. This study conducts a systematic literature review to elucidate factors influencing CSC in SA SMMEs using the Preferred Reporting Items for Systematic Reviews. Additionally, the study analyses the existing cybersecurity models and frameworks to discover elements that can be used to develop a Cyber4Dev security culture model or framework for SA SMMEs. This study identifies five new factors (Communication, Organisational culture, Accountability and Responsibility, Assets, and Technological factors) in addition to factors identified by a previous study. This study proposes the SAMMES Cyber4Dev Security Culture conceptual model by adding five newly identified factors to adjust and refine the Ubuntu Cyber4Dev security model previously proposed. The model can be used as a baseline by academics for further research and it is hoped it will increase the cybersecurity posture of SMMES in SA.