Key points are not available for this paper at this time.
Cyber attacks are an increasingly significant issue for Swiss SMEs. About one third have already experienced cyber attacks, and four percent have been blackmailed as a result. Most of these problems began with phishing attacks, where criminal elements gained access to the IT system by exploiting an employee error or oversight. We interviewed several employees of Swiss SMEs to understand how their attitudes towards cyber attacks may affect this vulnerability and to develop practical suggestions for corrective action. The interviews were conducted using deep metaphors to understand the hidden cultural and emotional drivers of behavior rather than the rational, visible components. We developed three recommendations to take advantage of the proactive culture at SMEs and decrease their dependence on third-party providers: raise awareness, empower employees, and train a recovery mode.
Pugnetti et al. (Fri,) studied this question.