Inzicht in Cyber risico's voor het MKB
: Het ontwikkelen van een raamwerk waarmee een MKB-ondernemer inzicht krijgt in de risico’s voor zijn bedrijfsvoering, vanwege onvoldoende genomen cybersecuritymaatregelen

Translated title of the thesis: Cyber risks insight for SMEs: Developing a framework in order to address a SMEs business processes risks in comparison to taken cyber security measures
  • B. Slaager

Student thesis: Master's Thesis


Benedikt Slaager, Open University of the Netherlands, faculty of Management, Science & Technology Abstract of Master’s Thesis, Submitted October 31, 2020
Developing a Cyber security framework in order to address a SMEs business processes risks

The goal of this study was to develop a framework in order to address SMEs business processes risks in relation to taken cyber security measures. Large cooperation’s spend millions on Cybersecurity and hire expensive Cybersecurity specialists to try and battle Cybercrime. But for many smaller companies and especially SME’s it is still very difficult to imagine the threat of Cybercrime and to anticipate and act accordingly. SME’s lack insight into Cyber risks. Therefor the main objective was to develop a self-measurement cybersecurity tool. This study was designed by first conducting a literature study into three constructs: process maturity, level of digitalization and taken Cybersecurity measures. After presenting these into a framework, interviews with Cyber specialists resulted into specific risks for the various levels which were added to the framework. Finally, this framework was judged by the specialists for usability. The results of this study show that the framework is applicable for identifying security risks and more, that most of these risks are business related instead of technology related. Further research is recommended to tailor the framework for specific SME domains of expertise to enhance the usability of the framework.
Date of Award16 Apr 2021
Original languageDutch
SupervisorRob Kusters (Examiner) & Versendaal (Co-assessor)


  • Cyber security
  • SME
  • risk assessment
  • security scan
  • Cyber maturity level
  • Business Process risk

Master's Degree

  • Master Business Process management & IT (BPMIT)

Cite this