Experts’ feedback on the cybersecurity footprint elements: in pursuit of a quantifiable measure of SMBs’ cybersecurity posture
Information and Computer Security
ISSN: 2056-4961
Article publication date: 4 July 2023
Issue publication date: 16 November 2023
Abstract
Purpose
While data breaches are reported daily, organizations are struggling with quantifying their cybersecurity posture. This paper aims to introduce the Universal Cybersecurity Footprint Index (UCFI), an organizational measure of Cybersecurity Footprint. The UCFI helps organizations understand the challenges related to their overall cybersecurity posture and be able to assess it for their supply chain cybersecurity. The Theory of Cybersecurity Footprint states that the risk and damage that can be caused by an attacked organization are not related to the size of the organization but to a range of parameters that may affect the interconnected entities in their supply chain.
Design/methodology/approach
Based on the 26 elements found in prior research, a survey was conducted, using 27 subject matter experts to reveal the most relevant elements and then specify their importance level to calculate their relative weight.
Findings
Results indicated that 20 of the 26 elements were validated, and their weights were calculated. Finally, an equation representing the UCFI for an organization is introduced.
Practical implications
Organizations can choose their partners according to a minimum value of the UCFI to reduce their cybersecurity risks.
Social implications
Supply chain cybersecurity incidents have demonstrated in the past several years to provide a massive impact on society. Thus, further assisting in mitigation of cyberattacks to the supply chain is significant.
Originality/value
This research aims to provide further assistance for organizations in quantifying their cybersecurity footprint in effort to help reduce cyber incidents, especially those for small organizations.
Keywords
Citation
Gafni, R. and Levy, Y. (2023), "Experts’ feedback on the cybersecurity footprint elements: in pursuit of a quantifiable measure of SMBs’ cybersecurity posture", Information and Computer Security, Vol. 31 No. 5, pp. 601-623. https://doi.org/10.1108/ICS-05-2023-0083
Publisher
:Emerald Publishing Limited
Copyright © 2023, Emerald Publishing Limited