Analysis of cybersecurity practices in a developing country: The role of firm size and digital strategy
Gorde:
| Egileak: | , , |
|---|---|
| Formatua: | artículo original |
| Egoera: | Versión publicada |
| Argitaratze data: | 2026 |
| Deskribapena: | Digital technologies have revolutionized how firms operate and compete; however, their integration in business processes also amplifies the exposure to cybersecurity threats which might compromise the firm’s data integrity and market continuity. Cybersecurity practices have therefore become a priority to secure business operations in the new digitally-led market landscape. This study evaluates the cybersecurity maturity level in Costa Rican firms, distinguishing between SMEs and large firms, aiming to identify shared patterns and challenges faced by these firms in improving their cybersecurity practices. Furthermore, we explore whether adoption of cybersecurity practices is explained by factors related to firm size and the adoption of a formal digital strategy. The results of the cluster analysis on a sample of 66 Costa Rican firms suggest that firms show different levels of cybersecurity maturity, with the most advanced firms consistently excelling at cybersecurity engagement, awareness, and vulnerability management. Also, results reveal that firm size and the presence of a formal digital strategy are strongly associated with cybersecurity maturity: larger firms with a digital strategy tend to be ‘cybersecurity leaders’, whereas most sampled smaller firms do not have a formal digital strategy and tend to fall into the ‘cybersecurity laggards’ group, which indicates their greater vulnerability to cyber risks. The identified discrepancies unveil firms’ necessity for strategically integrating security considerations into all their processes, and adopt structured, adaptive improvement approaches to mitigate cyber-threats effectively. |
| Herria: | Portal de Revistas TEC |
| Erakundea: | Instituto Tecnológico de Costa Rica |
| Repositorio: | Portal de Revistas TEC |
| Hizkuntza: | Inglés |
| OAI Identifier: | oai:ojs.pkp.sfu.ca:article/8634 |
| Sarrera elektronikoa: | https://revistas.tec.ac.cr/index.php/tec_empresarial/article/view/8634 |
| Gako-hitza: | Ciberseguridad estrategia digital modelo de conglomerados conciencia en ciberseguridad vulnerabilidades Cybersecurity digital strategy cluster model cybersecurity awareness vulnerabilities |