Analysis of cybersecurity practices in a developing country: The role of firm size and digital strategy

 

Gorde:
Xehetasun bibliografikoak
Egileak: Arce, Susan, Arroyo, Mauricio, Martínez, Jose
Formatua: artículo original
Egoera:Versión publicada
Argitaratze data:2026
Deskribapena:Digital technologies have revolutionized how firms operate and compete; however, their integration in business processes also amplifies the exposure to cybersecurity threats which might compromise the firm’s data integrity and market continuity.  Cybersecurity practices have therefore become a priority to secure business operations in the new digitally-led market landscape. This study evaluates the cybersecurity maturity level in Costa Rican firms, distinguishing between SMEs and large firms, aiming to identify shared patterns and challenges faced by these firms in improving their cybersecurity practices. Furthermore, we explore whether adoption of cybersecurity practices is explained by factors related to firm size and the adoption of a formal digital strategy. The results of the cluster analysis on a sample of 66 Costa Rican firms suggest that firms show different levels of cybersecurity maturity, with the most advanced firms consistently excelling at cybersecurity engagement, awareness, and vulnerability  management. Also, results reveal that firm size and the presence of a formal digital strategy are strongly associated with  cybersecurity maturity: larger firms with a digital strategy tend to be ‘cybersecurity leaders’, whereas most sampled smaller firms do not have a formal digital strategy and tend to fall into the ‘cybersecurity laggards’ group, which indicates their greater vulnerability to cyber risks. The identified discrepancies unveil firms’ necessity for strategically integrating security considerations into all their processes, and adopt structured, adaptive improvement approaches to mitigate cyber-threats effectively.
Herria:Portal de Revistas TEC
Erakundea:Instituto Tecnológico de Costa Rica
Repositorio:Portal de Revistas TEC
Hizkuntza:Inglés
OAI Identifier:oai:ojs.pkp.sfu.ca:article/8634
Sarrera elektronikoa:https://revistas.tec.ac.cr/index.php/tec_empresarial/article/view/8634
Gako-hitza:Ciberseguridad
estrategia digital
modelo de conglomerados
conciencia en ciberseguridad
vulnerabilidades
Cybersecurity
digital strategy
cluster model
cybersecurity awareness
vulnerabilities