NDSS

Rapid Cybersecurity Assessment System for Small Business’ COVID Move to Online

Tracy Tam, Asha Rao, and Joanne Hall (RMIT)

COVID19 has made small businesses around the world rapidly adopt new online sales channels and tools. In this digital push for survival, the cybersecurity of the new systems has likely been forgotten. An existing global cybersecurity skills shortage means traditional individualised security assessments for these newly digital businesses are not practical. This paper proposes a web based self-assessment system (SE-CAP) to enable small business owners to conduct their own cybersecurity assessments. Designed with rapid deployability in mind, SE-CAP uses proven web based technologies to deliver a new solution to help small businesses become cyber-safe. The design of SE-CAP takes into account small business issues around record keeping, time constraints and poor technical literacy. The generic nature of the system allows SE-CAP’s host organisation to customise and extend the self-assessment system beyond its initial scope. Challenges with industry cybersecurity knowledge gaps prevent SE-CAP’s completeness. However, these gaps could be filled, in the interim, by the host organisation.