ESC
Clarivate

 
Source: Journal Citation ReportsTM from ClarivateTM 2022

Entrepreneurship and Sustainability Issues Open access
Journal Impact FactorTM (2022) 1.7
Journal Citation IndicatorTM (2022) 0.42
Received: 2019-02-20  |  Accepted: 2019-05-16  |  Published: 2019-06-30

Title

Information security management in SMEs: factors of success


Abstract

While the consecutive metamorphoses in the world economy changes the paradigm of doing business, the sources of success of almost every type of business transfer from tangible to intangible assets, and the information and its value becomes more and more significant, especially in the segment of small and medium sized enterprises. The aim of this paper was to identify the factors of success of information security management in segment of SMEs in Slovakia. Based on the literature research we identified 4 main factors of success of information security management, including the Compliance of information security management with the company's business activities, Support of top management, Security controls and Organizational awareness. To identify the importance and interconnections of the specified factors we have addressed senior IT security experts from SMEs in Slovakia. The experts evaluated the significance and relationships the factors of success of information security management and the results of the expert evaluation were processed using the DEMATEL technique. The results of the research show that the Security Controls and Supportive top management are the most important factors in general, while the factor of organizational awareness is the most obvious and important in the short-term period. Our results imply that SMEs should promote organizational awareness in information security management in line with implementation of the security controls at the first line of the defense.


Keywords

information security management, DEMATEL, support of top management, security controls, organizational awareness


JEL classifications

D80 , M15 , O32


URI

http://jssidoi.org/jesi/article/340


DOI


Pages

2081-2094


This is an open access issue and all published articles are licensed under a
Creative Commons Attribution 4.0 International License

Authors

Ključnikov, Aleksandr
College of Entrepreneurship and Law, Prague, Czech Republic https://www.vspp.cz
Articles by this author in: CrossRef |  Google Scholar

Mura, Ladislav
Pan-European University, Bratislava, Slovakia https://www.paneurouni.com
Articles by this author in: CrossRef |  Google Scholar

Sklenár, David
Pan-European University, Bratislava, Slovakia https://www.paneurouni.com
Articles by this author in: CrossRef |  Google Scholar

Journal title

Entrepreneurship and Sustainability Issues

Volume

6


Number

4


Issue date

June 2019


Issue DOI


ISSN

ISSN 2345-0282 (online)


Publisher

VšĮ Entrepreneurship and Sustainability Center, Vilnius, Lithuania

Cited

Google Scholar

Article views & downloads

HTML views: 5452  |  PDF downloads: 2218

References


Adásková, P. (2009). Ekonomická krize zvyšuje zájem firem o řízení rizik. Risk-Management.cz, ISSN 1802-0496.

Search via ReFindit


Alnatheer, M. A. 2015. Information security culture critical success factors. In: 12th International Conference on Information Technology-New Generations – Proceedings, 2015. s.731-735

Search via ReFindit


Badulescu, D. (2012). SMEs financing: The Extend of Need and the Responses of Different Credit Structures. Theoretical and Applied Economics, 17(7), pp. 25-36

Search via ReFindit


Belás J., Macháček J., Bartoš P., Hlawiczka R., Hudáková M. (2014). Business Risks and the Level of Entrepreneurial Optimism among SME in the Czech and Slovak Republic. Journal of Competitiveness, 6(2), pp. 30-41.

Search via ReFindit


Bhaird, C.M. (2010). Resourcing Small And Medium Sized Enterprises. Springer Verlag: Berlin, 2010.

Search via ReFindit


Chang, S. E., Chen, S.Y., Chen, C.Y. 2011. Exploring the Relationships between It Capabilities and Information Security Management In: International Journal of Technology Management, 2011. ISSN 0267-5730, roč. 54, č. 2/3, s.147- 166

Search via ReFindit


Chmielarz W., Zborowski M. 2017. Analysis of the Use of Electronic Banking and e-Payments from the Point of View of a Client, 2017, In: Proceedings of the Federated Conference on Computer Science and Information Systems, 2017. s. 965-969, [cit. 2018-05-10].

Search via ReFindit


Culnan, M. J., Foxman, E. R., Ray, A. W. 2008. Why It Executives Should Help Employees Secure Their Home Computers, In: MIS Quarterly, 2008. ISSN 0276-7783, roč. 7, č. 1, s. 49-56

Search via ReFindit


Davidavičienė, V., Raudeliūnienė, J., Tvaronavičienė, M., Kaušinis, J. 2019. The importance of security aspects in consumer preferences in electronic environment. Journal of Security and Sustainability Issues, 8(3), 399-411. http://doi.org/10.9770/jssi.2019.8.3(9)

Search via ReFindit


Davidekova, M., Gregus Ml., M., Farkas, P. 2016. MATLAB implementation of the recent CCC construction approach. International conference on telecommunications and signal processing, TSP 2016, pp. 429-432. https://doi.org/10.1109/tsp.2016.7760913

Search via ReFindit


Dekýš, P. 2010. Správa informačnej bezpečnosti v malej a stredne veľkej spoločnosti e-Focus, 2010. ISSN 1336-1805, roč. 10, č. 3, s. 12-13

Search via ReFindit


Fire Eye, Inc.. 2016. 5 reasons cyber attackers target SMEs, FireEye, 2016. [cit. 2018-10-11] Available at: _ web.pdf https://www.fireeye.com/content/dam/fireeye-www/global/en/offers/pdfs/SMEInfographic

Search via ReFindit


Gródek-Szostak, Z. Nesterak, J., 2017. Trade missions as the instrument for supporting international technological cooperation of enterprises - Case study of Poland, Slovakia and Czech Republic. Acta Oeconomica Universitatis Selye 6 (2), 57 – 68. ISSN 1338-6581

Search via ReFindit


Hau B., Penrose M., Hall T., Bevilacqua M. 2016. M-Trends, 2016. EMEA Edition, Jún, 2016 HENDERSON, J., WEILER, S. (2010). Entrepreneurs and Job Growth: Probing The Boundaries Of Time And Space, Economic Development Quarterly, 24(1), 23 – 32. HUANG, S., M., LEE, C. L., KAO, A.C. 2006. "Balancing Performance Measures for Information Security Management: A Balanced Scorecard Framework," In: Industrial Management and Data Systems, 2006. ISSN 0263-5577, roč. 106, č. 2, s. 242-255

Search via ReFindit


Hudec, L. 2014. Manažment informačnej bezpečnosti - csirt.sk [cit. 2018-10-11] Available at: https://www.csirt.gov.sk/doc/MFSRVzdelavanie/02Vzdelavanie2014/Prezentacie_vyssi_manazment_organizacie/PrezGR_Manazment_IB.pdf

Search via ReFindit


Karpak, B., Topcu, I. (2010). Small medium manufacturing enterprices in Turkey: an analytic network process framework for prioritizing factors affecting success. International Journal of Production Economics, 125, pp. 60–70.

Search via ReFindit


Kayworth, T., Whitten, D. 2010. Effective Information Security Requires a Balance of Social and Technology Factors, In: MIS Quarterly Executive, 2010. ISSN 1540-1960, roč.9, č, 3, s.163-175

Search via ReFindit


Kazemi, M., Khajouei, H., Nasrabadi, H. 2012. Evaluation of information security management system success factors: Case study of Municipal organization. In: African Journal of Business Management, 2012, roč. 6, č. 14, s. 4982-4989. ISSN 1993-8233

Search via ReFindit


Khouri, S. 2009. Analýza bezpečnosti informačných systémov organizácií. In Zborník z UNINFOS 2009 (Univerzitné informačné systémy), 2009. Slovenská poľnohospodárska univerzita v Nitre. 2009, s. 140-144, ISBN 978-80-552-0309-6

Search via ReFindit


Korenkova, V., Zavadsky, J. LIS, M. 2019. Linking a performance management system and competencies: qualitative research. Engineering management in production and services, Vol. 11, No. 1, pp. 51-67. DOI: 10.2478/emj-2019-0004

Search via ReFindit


Kotulic, A. G., Clark, J. G. 2004. Why there aren’t more information security research studies. Information & Management, roč. 41, č.5, s. 597-607.

Search via ReFindit


Lengyel, P., Oláh, J., Pancsira, J., Füzesi, I., Popp, J. 2017. Advantages of using LMS in training for agricultural advisors. Acta Oeconomica Universitatis Selye 6(2), 109 – 118. ISSN 1338-6581

Search via ReFindit


Lo, C. C., Chen, W. J. 2012. A hybrid information security risk assessment procedure considering interdependences between controls. In: Expert Systems with Applications, 2012. ISSN 0957-4174, roč. 39, č., s. 247-257

Search via ReFindit


Lopes, I., Oliveira, P. 2015. Implementation of information systems security policies: a survey in small and medium sized enterprises. In: New Contributions in Information Systems and Technologies, Volume 1, 2015. s. 459 - 468, ISBN 978-3-319-16486-1

Search via ReFindit


Ma, Q., Schmidt, M. B., Pearson, J. M. 2009. An Integrated Framework for Information Security Management, In: Review of Business, 2009. ISSN 2378-9670, roč. 30, č. 1, s. 58-69

Search via ReFindit


Maciejewski, M., Wach, K. 2019. International Startups from Poland: Born Global or Born Regional? Journal of Management and Business Administration. Central Europe, 27(1), 60-83. https://doi.org/10.7206/jmba.ce.2450-7814.247

Search via ReFindit


Mandorf, S., Gregus, M. 2014. The e-business perspective as a solution for inertia against complexity management in SME. Proceedings - 2014 International conference on intelligent networking and collaborative systems, IEEE INCOS 2014, pp. 237-241

Search via ReFindit


Millaire P., Sathe A., Thielen P. 2017. What All Cyber Criminals Know: Small & Midsize Businesses With Little or No Cybersecurity Are Ideal Targets, 2017. [cit. 2018-10-11] Available at: https://www2.chubb.com/usen/_assets/doc/17010201-cyber-for-small_midsize-businesses-10.17.pdf

Search via ReFindit


Olah, J., Kovacs, S., Virglerova, Z., Lakner, Z., Kovacova, M., Popp. J. 2019. Analysis and comparison of economic and financial risk sources in SMEs of the Visegrad Group and Serbia. Sustainability, Vol. 11, No. 7, 1853. https://doi.org/10.3390/su11071853

Search via ReFindit


Peracek, T., Mitellman, A., Mucha, B. 2018. The Particular Aspects of Procurement Contracts of Trading in Securities in the Conditions of the Slovak Republic. Finance and sustainability. Springer Proceedings in Business and Economics, pp. 175-185. https://doi.org/10.1007/978-3-319-92228-7_15

Search via ReFindit


Polkowski, Z., Dysarz, J. 2017. IT Security management in small and medium enterprises. In: Scientific Bulletin – Economic Sciences, 2017. ISSN 1583-1809, roč. 16, Special Issue EtaEc, s. 134-148

Search via ReFindit


Radu, L. D. 2018. Green ICT: some challenges and potential solutions. Acta Oeconomica Universitatis Selye 7 (2), 141 – 150. ISSN 1338-6581

Search via ReFindit


Rajnoha, R., Korauš, A., Dobrovič, J. (2017). Information systems for sustainable performance of organizations. Journal of Security and Sustainability Issues, 7(1), 167-179. https://doi.org/10.9770/jssi.2017.6.1(14)

Search via ReFindit


Sklenár, D., Čimová, K. 2018. IKT v MSP. In: Acta Paneuropeana - Letters in economics and international business. 2018. roč. 2, ISBN 9788089453399

Search via ReFindit


Slovak Business Agency. (2015). Správa o stave MSP v SR 2014. Available at: http://www.sbagency.sk/sites/default/files/sprava_o_stave_msp2014.pdf

Search via ReFindit


Soomro, Z.A., Shah, M.H., Ahmed, J. 2016. Information security management needs more holistic approach: a literature review, In: International Journal of Information Management, ISSN 0268-4012, roč. 36, č. 2, s. 215-225

Search via ReFindit


Spears, J. L., Barki, H. 2010. User Participation in Information Systems Security Risk Management. In: MIS quarterly, 2010. ISSN 2162-9730, roč. 30, č. 3, s. 503-522

Search via ReFindit


Tan, W.K., Kuo, C. Y. 2014. Prioritization of facilitation strategies of park and recreation agencies through DEMATEL analysis. In: Asia Pacific Journal of Tourism Research. 2014. ISSN XXXX, roč. 19, č. 8, s. 859–875

Search via ReFindit


Tianshui, W., Gang, Z. 2014. A new security and privacy risk assessment model for information system considering influence relation of risk elements. In: 2014 Ninth International Conference on Broadband and Wireless Computing, Communication and Applications IEEE, 2014, s. 233-238. ISBN 978-1-4673-8315-8

Search via ReFindit


Tu, C. Z., Yuan, Y., Archer, N., Connelly, C. E. 2018. Strategic value alignment for information security management: a critical success factor analysis. In: Information & Computer Security, 2018. ISSN 2056-4961, roč. 26, č.2, s.150-170

Search via ReFindit


Tu, Z., Yuan, Y. 2014. Critical success factors analysis on effective information security management: A literature review. In: Twentieth Americas Conference on Information Systems, Savannah, 2014. s. 1-12. ISBN 978-1-6326-6753-3

Search via ReFindit


Tvaronavičienė M. 2018. Towards internationally tuned approach towards critical infrastructure protection, Journal of Security and Sustainability Issues, 8(2), 143-150. https://doi.org/10.9770/jssi.2018.8.2(2)

Search via ReFindit


Verbano, C., Venturini, K. (2013). Managing risks in SMEs: a literature review and research agenda. Journal of Technology Management & Innovation, 8(3), pp. 186–197.

Search via ReFindit


Vilcekova, L., Mucha, B., Peracek, T., Strazovska, L. 2018. Selected issues of family business in selected countries with emphasis on the Slovak republic. Innovation management and education excellence through Vision 2020, Vols IV -VI, pp. 2500-2509

Search via ReFindit


Waly, N., Tassabehji, R., Kamala, M. 2012. Improving organisational information security management: The impact of training and awareness. In: 2012 IEEE 14th International Conference on High Performance Computing and Communication & 2012 IEEE 9th International Conference on Embedded Software and Systems, Liverpool, UK. 2012. s. 1270-1275, ISBN 978-0-7695-4749-7

Search via ReFindit


Werlinger, R., Hawkey, K. , Beznosov, K. 2009. “An integrated view of human, organizational, and technological challenges of it security management”, In: Information Management & Computer Security, 2009. ISSN #0968-5227, roč. 17, č. 1, s. 4-19

Search via ReFindit


Whitman, M. E., Mattord, H. J. 2012. Introduction to information security. In: Principles of Information Security, 2012. s. 1-35. ISBN 978-1-111-13821-9

Search via ReFindit


Yildirim, E. Y., Akalp, G., Aytac, S., Bayram, N. 2011. Factors Influencing Information Security Management in Small-and Medium-Sized Enterprises: A Case Study from Turkey. In: International Journal of Information Management, 2011. ISSN 0268-4012, roč. 31, č. 4, s. 360-365

Search via ReFindit


Zammani, M., Razali, R. 2016. An empirical study of information security management success factors. In: International Journal on Advanced Science, Engineering and Information Technology, 2016. ISSN 2088-5334, roč. 6, č. 6, s. 904-913

Search via ReFindit


Zavadska, Z., Zavadsky, J. 2018. Quality managers and their future technological expectations related to Industry 4.0. Total Quality Management and Business Excellence, pp. 1-25. https://doi.org/10.1080/14783363.2018.1444474

Search via ReFindit