Designing a cyber risk assessment tool for small to medium enterprises
Ruben Koeze (TU Delft - Technology, Policy and Management)
Wolter Pieters – Mentor
Virginia Dignum – Graduation committee member
Pieter van Gelder – Coach
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
With the extensive use of the internet nowadays, companies are becoming more and more at risk from cyber-attacks. Especially SMEs are vulnerable, as they lack in cybersecurity. This is due to time, resource and knowledge constraints. In the literature no clear solutions can be found in order to help SMEs with their cybersecurity. To overcome these issues, this research aims in developing a method with which a tool can be developed that can help SMEs in getting insights in their cybersecurity status. This tool should be capable of letting an SME do their own risk assessment without investing too much money or time. In order to do this, existing methods are analyzed. After the analysis, the TREsPASS method is used a basis for the tool. This method is slimmed down in order to fit the needs of SMEs. By creating a knowledge based system, the SMEs can use the knowledge of cybersecurity experts without the requirement to have to knowledge in-house.