Types of Cyber Risks for SMEs: Classification and Business Impact

Aļona Bahmanova; Nataļja Lāce

Types of Cyber Risks for SMEs: Classification and Business Impact

15th International Scientific Conference “Business and Management 2025": Conference Proceedings 2025
Aļona Bahmanova, Nataļja Lāce

This work investigates cyber risks affecting small and medium-sized enterprises (SMEs), aiming to classify them and assess their business impact. Using a systematic literature review and qualitative content analysis of 71 peer-reviewed articles from Scopus, six main categories of cyber risks were identified. These include external threats, insider risks, data vulnerabilities, reputational and financial risks, emerging technologies, and operational weaknesses. The findings highlight the need for SMEs to adopt sector-specific, proactive cyber resilience strategies. The study contributes to the development of effective risk management practices tailored to the unique challenges faced by SMEs.

Keywords
Cyber risks, SMEs, cybersecurity, cyber resilience, risk classification

Bahmanova, A., Lāce, N. Types of Cyber Risks for SMEs: Classification and Business Impact. In: 15th International Scientific Conference “Business and Management 2025": Conference Proceedings, Lithuania, Vilnius, 15-16 May, 2025. Vilnius: Vilnius Gediminas Technical University, 2025, pp.40-47.

Publication language
English (en)

Publication Type
Full-text conference paper published in conference proceedings indexed in SCOPUS or WOS database
Funding for basic activity
State funding for education
Field of research
5. Social sciences
Sub-field of research
5.2 Economics and Business
Research platform
None
ID: 41361