Types of Cyber Risks for SMEs: Classification and Business Impact
Conference Proceedings 2025 2025
Aļona Bahmanova, Nataļja Lāce

This work investigates cyber risks affecting small and medium-sized enterprises (SMEs), aiming to classify them and assess their business impact. Using a systematic literature review and qualitative content analysis of 71 peer-reviewed articles from Scopus, six main categories of cyber risks were identified. These include external threats, insider risks, data vulnerabilities, reputational and financial risks, emerging technologies, and operational weaknesses. The findings highlight the need for SMEs to adopt sector-specific, proactive cyber resilience strategies. The study contributes to the development of effective risk management practices tailored to the unique challenges faced by SMEs.


Keywords
Cyber risks, SMEs, cybersecurity, cyber resilience, risk classification.

Bahmanova, A., Lāce, N. Types of Cyber Risks for SMEs: Classification and Business Impact. In: Conference Proceedings 2025, Lithuania, Vilnius, 15-16 May, 2025. Vilnius: Vilnius Gediminas Technical University, 2025, pp.40-47.

Publication language
English (en)
The Scientific Library of the Riga Technical University.
E-mail: uzzinas@rtu.lv; Phone: +371 28399196