first_pagesettingsOrder Article Reprints
Open AccessArticle
Enhancing Cyber Security Governance a... more first_pagesettingsOrder Article Reprints Open AccessArticle Enhancing Cyber Security Governance and Policy for SMEs in Industry 5.0: A Comparative Study between Saudi Arabia and the United Kingdom by Nisha Rawindaran 1,Liqaa Nawaf 1,*ORCID,Suaad Alarifi 2,Daniyal Alghazzawi 2ORCID,Fiona Carroll 1ORCID,Iyad Katib 2ORCID andChaminda Hewage 1ORCID 1 Cardiff School of Technology, Cardiff Metropolitan University, Cardiff CF5 2YB, UK 2 Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 21589, Saudi Arabia * Author to whom correspondence should be addressed. Digital 2023, 3(3), 200-231; https://doi.org/10.3390/digital3030014 Received: 13 June 2023 / Revised: 19 July 2023 / Accepted: 31 July 2023 / Published: 14 August 2023 Download Browse Figures Review Reports Versions Notes Abstract The emergence of Industry 5.0 has revolutionized technology by integrating physical systems with digital networks. These advancements have also led to an increase in cyber threats, posing significant risks, particularly for small and medium-sized enterprises (SMEs). This research investigates the resistance of SMEs in Saudi Arabia and the United Kingdom (UK) to cyber security measures within the context of Industry 5.0, with a specific focus on governance and policy. It explores the cultural and economic factors contributing to this resistance, such as limited awareness of cyber security risks, financial constraints, and competing business priorities. Additionally, the study examines the role of government policies and regulations in promoting cyber security practices among SMEs and compares the approaches adopted by Saudi Arabia and the UK. By employing a mixed methods analysis, including interviews with SME owners and experts, the research highlights challenges and opportunities for improving cyber security governance and policy in both countries. The findings emphasize the need for tailored solutions due to the differing cultural and economic contexts between Saudi Arabia and the UK. Specifically, the study delves into the awareness and implementation of cyber security measures, focusing on SMEs in Saudi Arabia and their adherence to the Essential Cyber Security Controls (ECC-1:2018) guidelines. Furthermore, it examines the existing cyber security awareness practices and compliance in the UK, while also comparing official guidance documents aimed at supporting SMEs in achieving better cyber security practices. Based on the analysis, greater engagement with these documents is recommended in both countries to foster awareness, confidence, and compliance among SMEs, ultimately enhancing their cyber security posture. This paper offers a comparative research study on governance and policy between Saudi Arabia and the UK, presenting a set of recommendations to strengthen cyber security awareness and education, fortify regulatory frameworks, and foster public–private partnerships to combat cyber security threats in the Industry 5.0 landscape.
Uploads
Papers by F. Carroll
Open AccessArticle
Enhancing Cyber Security Governance and Policy for SMEs in Industry 5.0: A Comparative Study between Saudi Arabia and the United Kingdom
by Nisha Rawindaran 1,Liqaa Nawaf 1,*ORCID,Suaad Alarifi 2,Daniyal Alghazzawi 2ORCID,Fiona Carroll 1ORCID,Iyad Katib 2ORCID andChaminda Hewage 1ORCID
1
Cardiff School of Technology, Cardiff Metropolitan University, Cardiff CF5 2YB, UK
2
Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 21589, Saudi Arabia
*
Author to whom correspondence should be addressed.
Digital 2023, 3(3), 200-231; https://doi.org/10.3390/digital3030014
Received: 13 June 2023 / Revised: 19 July 2023 / Accepted: 31 July 2023 / Published: 14 August 2023
Download Browse Figures Review Reports Versions Notes
Abstract
The emergence of Industry 5.0 has revolutionized technology by integrating physical systems with digital networks. These advancements have also led to an increase in cyber threats, posing significant risks, particularly for small and medium-sized enterprises (SMEs). This research investigates the resistance of SMEs in Saudi Arabia and the United Kingdom (UK) to cyber security measures within the context of Industry 5.0, with a specific focus on governance and policy. It explores the cultural and economic factors contributing to this resistance, such as limited awareness of cyber security risks, financial constraints, and competing business priorities. Additionally, the study examines the role of government policies and regulations in promoting cyber security practices among SMEs and compares the approaches adopted by Saudi Arabia and the UK. By employing a mixed methods analysis, including interviews with SME owners and experts, the research highlights challenges and opportunities for improving cyber security governance and policy in both countries. The findings emphasize the need for tailored solutions due to the differing cultural and economic contexts between Saudi Arabia and the UK. Specifically, the study delves into the awareness and implementation of cyber security measures, focusing on SMEs in Saudi Arabia and their adherence to the Essential Cyber Security Controls (ECC-1:2018) guidelines. Furthermore, it examines the existing cyber security awareness practices and compliance in the UK, while also comparing official guidance documents aimed at supporting SMEs in achieving better cyber security practices. Based on the analysis, greater engagement with these documents is recommended in both countries to foster awareness, confidence, and compliance among SMEs, ultimately enhancing their cyber security posture. This paper offers a comparative research study on governance and policy between Saudi Arabia and the UK, presenting a set of recommendations to strengthen cyber security awareness and education, fortify regulatory frameworks, and foster public–private partnerships to combat cyber security threats in the Industry 5.0 landscape.