This paper explores the adoption of Zero Trust Architecture (ZTA) in small and medium-sized enterprises (SMEs) in the Czech Republic, aiming to identify key barriers, enabling factors, and readiness levels for its implementation. Drawing on survey data from 230 SME respondents, we investigate awareness of ZTA principles, current security practices, and the perceived value of specific support measures. The study is guided by clearly defined research questions and hypotheses. We construct a composite readiness index based on technical and organizational measures and analyze its relationship with firm size, security maturity, and training frequency. Key findings indicate that while ZTA awareness is relatively low (only 43.4% had heard of the term), many companies have already implemented foundational elements aligned with ZTA. Security readiness is significantly higher among firms with formal security policies and regular employee training. Medium-sized enterprises show notably greater implementation levels than micro and small firms. The most frequently requested forms of support include practical implementation guides, financial aid, and consultations with experts. These preferences vary by firm size, with smaller firms emphasizing financial support and larger ones favoring professional services. The paper concludes with a roadmap for SME-oriented ZTA adoption, emphasizing the need for scalable, low-barrier solutions and targeted support. Our findings provide empirical insights to inform policy design, training programs, and vendor strategies for secure digital transformation in the SME sector.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Implementing Zero Trust Architecture in SMEs: Readiness, Barriers, and Tailored Support Strategies – Evidence from the Czech Republic

  • Lukas Herout,
  • Arvind Panwar

摘要

This paper explores the adoption of Zero Trust Architecture (ZTA) in small and medium-sized enterprises (SMEs) in the Czech Republic, aiming to identify key barriers, enabling factors, and readiness levels for its implementation. Drawing on survey data from 230 SME respondents, we investigate awareness of ZTA principles, current security practices, and the perceived value of specific support measures. The study is guided by clearly defined research questions and hypotheses. We construct a composite readiness index based on technical and organizational measures and analyze its relationship with firm size, security maturity, and training frequency. Key findings indicate that while ZTA awareness is relatively low (only 43.4% had heard of the term), many companies have already implemented foundational elements aligned with ZTA. Security readiness is significantly higher among firms with formal security policies and regular employee training. Medium-sized enterprises show notably greater implementation levels than micro and small firms. The most frequently requested forms of support include practical implementation guides, financial aid, and consultations with experts. These preferences vary by firm size, with smaller firms emphasizing financial support and larger ones favoring professional services. The paper concludes with a roadmap for SME-oriented ZTA adoption, emphasizing the need for scalable, low-barrier solutions and targeted support. Our findings provide empirical insights to inform policy design, training programs, and vendor strategies for secure digital transformation in the SME sector.