INFORMATION SECURITY IN SMALL AND MEDIUM ENTERPRISES: MITIGATING PERCEIVED RISK

Abstract

In our increasingly interconnected world, where information is readily accessible, technology plays a pivotal role, profoundly impacting both individuals and organizations. This digital revolution has compelled businesses, both large and small, to reevaluate their models and embrace information technology (IT) resources (Lunardi, Dolci, & Maçada, 2010). Prates and Ospina (2004) further emphasize that IT can enhance organizational agility and overall management, offering a competitive edge. Small and medium-sized enterprises (SMEs) are not exempt from this transformation. In Brazil, SMEs contribute significantly to the economy, accounting for a substantial share of GDP and employment (SEBRAE, 2015). With a majority of SMEs in Brazil employing electronic equipment and utilizing management systems (SEBRAE, 2015), the adoption of IT resources has become commonplace. These businesses recognize the critical role of IT in their survival (Biagi & Roldello, 2016). Laureano and Moraes (2005) underscore the value of information as a corporate asset, emphasizing the need for its protection and preservation. The vulnerability of business data can have far-reaching consequences, potentially jeopardizing project execution and corporate strategies (Kroll and D'Ornelas, 2009). Prates and Ospina (2004) stress that SMEs, constrained by limited resources, are particularly susceptible to such threats. This study delves into the evolving landscape of IT adoption in SMEs and the significance of safeguarding information assets.