Experimental Study based on the Implementation of a Regulatory Framework for the Improvement of Cyber Resilience in SMEs

Main Article Content

Liset S. Rodriguez-Baca
Shridhar Allagi
Rosa Larrea-Serquen
Carlos F. Cruzado
Mitchell Alarcon Diaz
Sandra Garcia-Hernández
Julio Daza Monteiro


Currently, applying regulations oriented to cybersecurity, cyber resilience is relevant to face the high rates of cyberattacks, which have caused an interruption in the operational processes of organizations, generating an economic loss, and affecting the continuity of their business processes on the web. In this scenario, small and medium-sized enterprises (SMEs) are the most affected due to their weak technological infrastructure. Given this, this experimental study was developed to implement a regulatory framework for the improvement of cyber resilience; the criteria anticipate, resist, recover and evolve presented significant statistical values of improvement after the application of the experiment. This research contributes to counteract the refusal to use information technologies for business development; Improvement actions were carried out to face threats and computer vulnerabilities to which organizations are exposed when carrying out operations in cyberspace.

Article Details

How to Cite
Rodriguez-Baca, L. S. ., Allagi, S. ., Larrea-Serquen, R. ., Cruzado, C. F. ., Diaz, M. A. ., Garcia-Hernández, S. ., & Monteiro, J. D. . (2023). Experimental Study based on the Implementation of a Regulatory Framework for the Improvement of Cyber Resilience in SMEs. International Journal on Recent and Innovation Trends in Computing and Communication, 11(3), 199–205. https://doi.org/10.17762/ijritcc.v11i3.6337


IBM Security, “Cyber Resilient Organization Report,” Ibm, 2020.

Joint Publication ENISA and CERT-EU, “Boosting your Organisation’s Cyber Resilience,” vol. 22–01, pp. 1–5, 2022.

Centro Criptológico Nacional, “CCN-CERT IA-24-22 - Ciberamenazas y tendencias,” Https://Medium.Com/, 2022, [Online]. Available: https://medium.com/@arifwicaksanaa/pengertian-use-case-a7e576e1b6bf

Kaspersky, “Cyber-resilience during a crisis: How are Small and Medium businesses staying security-prepared in an unpredictable market?,” 2022. [Online]. Available: https://www.kaspersky.com/blog/smb-cyber-resilience-report-2022/

T. Godbole, S. Gochhait, and D. Ghosh, “Developing a framework to measure cyber resilience behaviour of indian bank employees,” pp. 299–309, 2022, doi: 10.1007/978-981-16-4177-0_31.

R. Faleiro, L. Pan, Pokhrel, S. R., and R. Doss, “Digital twin for Cybersecurity: Towards enhancing cyber resilience,” pp. 57–76, 2022, doi: 10.1007/978-3-030-93479-8_4.

E. Vogel, Z. Dyka, D. Klann, and P. Langendörfer, “Resilience in the Cyberworld: Definitions, Features and Models,” Futur. Internet, vol. 13, no. 11, p. 293, 2021, doi: 10.3390/fi13110293.

D. Jaramillo, K. Romero, and C. Ramos, “Security framework for mobile application development and its contribution to cyberresilience,” RISTI - Rev. Iber. Sist. e Tecnol. Inf., vol. 2021, no. E42, pp. 442–458, 2021.

O. Lemeshko, O. Yeremenko, M. Yevdokymenko, and D. Ageyev, “Redundancy cyber resiliency technique based on fast ReRouting under security metric,” 2021, doi: 10.1109/PICST51311.2020.9468072.

Gajek S., L. M., and J. C., “IIoT and cyber-resilience: Could blockchain have thwarted the Stuxnet attack?,” AI Soc., vol. 36, no. 3, pp. 725–73, 2021, doi: 10.1007/s00146-020-01023-w.

A. Tiwari, R. A. L. Narasimha, and S. Bukkapatnam, “Cybersecurity assurance in the emerging manufacturing-as-a-service (MaaS) paradigm: A lesson from the video streaming industry,” Smart Sustain. Manuf. Syst., vol. 4, no. 3, 2020, doi: 10.1520/SSMS20200066.

X. Liang, C. Konstantinou, S. Shetty, E. Bandara, and R. Sol, “Decentralizing Cyber Physical Systems for Resilience: An Innovative Case Study from A Cybersecurity Perspective,” Informática y Segur., vol. 124, 2023, doi: 10.1016/j.cose.2022.102953.

M. T. Ralekgokgo, M. Velempini, and S. S. Mapunya, “Malicious Packet Injection on Software-Defined Networking as a Strategy to Improve Security,” in 7th International Congress on Information and Communication Technology, ICICT 2022, 2023, pp. v–vi. doi: 10.1007/978-981-19-2397-5_1.

D. Dagdilelis, M. Blanke, R. H. Andersen, and R. Galeazzi, “Cyber-resilience for marine navigation by information fusion and change detection,” Ocean Eng., vol. 266, 2022, doi: 10.1016/j.oceaneng.2022.112605.

Goldstein J.C. and Goldstein H.V., “Intraoperative cyberattacks: cyberthreat awareness and cyber-resilience strategies in anesthesia,” Can. J. Anesth., vol. 68, no. 12, pp. 1838–1839, 2021, doi: 10.1007/s12630-021-02102-2.

J. Groenendaal and I. Helsloot, “Cyber resilience during the COVID-19 pandemic crisis: A case study,” J. Contingencies Cris. Manag., vol. 29, no. 4, pp. 439–444, 2021, doi: 10.1111/1468-5973.12360.

L. S. . Rodriguez-Baca, R. L. . Larrea-Serquen, C. F. Cruzado, M. ;Alarcon-Diaz, S. E. ;Garcia- Hernandez, and J. ;Pebe-Espinoza, “Business Cybersecurity. Case study in Peruvian and Mexican SMEs,” 2022. doi: 10.1109/INCET54531.2022.9824900.

S. Rahman, N. U. I. Hossain, K. Govindan, F. Nur, and M. Bappy, “Assessing cyber resilience of additive manufacturing supply chain leveraging data fusion technique: A model to generate cyber resilience index of a supply chain,” CIRP J. Manuf. Sci. Technol., vol. 35, pp. 911–928, 2021, doi: 10.1016/j.cirpj.2021.09.008.

A. Kott, M. S. Golan, B. D. Trump, and I. Linkov, “Cyber Resilience: By Design or by Intervention?,” Computer (Long. Beach. Calif)., vol. 54, no. 8, pp. 112–117, 2021, doi: 10.1109/MC.2021.3082836.

G. Ahmadi-Assalemi, H. Al-Khateeb, G. Epiphaniou, and C. Maple, “Cyber Resilience and Incident Response in Smart Cities: A Systematic Literature Review,” Smart Cities, vol. 3, no. 3, pp. 894–927, 2020, doi: 10.3390/smartcities3030046.

INCIBE, “Indicadores para Mejora de la Ciberresiliencia ( IMC ),” no. Imc, pp. 1–17, 2020, [Online]. Available: https://www.incibe-cert.es/guias-y-estudios/guias/imc-indicadores-mejora-ciberresiliencia