Investigating the Factors Inhibiting SMEs From Recognizing and Measuring Losses From Cyber Crime in South Africa
The level of cyber attacks on organisations has increased tremendously in recent years. When such attacks occur, organisations need to assess the damage and loss from this crime. While large organisations have the mechanisms to determine such losses, SMEs lack such capability and often ignore the need to implement effective information security measures. Consequently, their risk exposure to cyber threats and the losses they incur from these attacks are often high. However, the current legislative requirements, costly legal liabilities for non-compliance, and increasing pressure by stakeholders (e.g., lenders and business partners) on SMEs to comply with good practices suggest that SMEs cannot ignore security any longer.