Paper title
SMEs Confidentiality Issues and Adoption of Good Cybersecurity Practices
Paper authors
Paper abstract
Small and medium-sized enterprises (SMEs) are considered more vulnerable to cyber-attacks. However, based on SMEs' characteristics, they do not adopt good cybersecurity practices. To address the SMEs' security adoption problem, we are designing a do-it-yourself (DIY) security assessment and capability improvement method, CYSEC. In the first validation of CYSEC, we conducted a multi-case study in four SMEs. We observed that confidentiality concerns could influence users' decisions to provide CYSEC with relevant and accurate security information. The lack of precise information may impact the ability of our DIY assessment method to provide accurate recommendations. In this paper, we explore the importance of dynamic consent and its effect on SMEs' trust perception and information sharing. We discuss how the lack of trust perception may be addressed by applying dynamic consent. Finally, we describe the results of three interviews with SMEs and present how the new way of communication in CYSEC can help us to better understand SMEs' attitudes towards sharing information.