The purpose of this paper is to enhance comprehension of the mechanisms by which cybersecurity awareness (CSAW) impact the performance of small- and medium-sized manufacturers. This will be accomplished by testing the mediation effect of cybersecurity supply chain risk management (C-SCRM).
The paper is based on a mixed-method approach consisting of a questionnaire survey and qualitative interviews. The questionnaire survey involves 248 individual respondents and was conducted from December 2023 to February 2024 among Danish small- and medium-sized enterprises (SMEs). Based on these insights, nuanced interpretations of the survey results have been explored through four qualitative interviews in Danish production SMEs.
The results reveal that despite a nonsignificant total effect of CSAW on financial performance, there is interestingly a positive indirect effect through C-SCRM. For commercial performance, both the total effect from CSAW and the indirect effect through C-SCRM was insignificant.
Data were collected from Danish companies, each having a single respondent. Further research is necessary to analyze these relationships in other countries and with multiple respondents per company.
The results indicate that it pays off to prioritize cybersecurity in supply chains, initially through increased awareness and subsequently with investments in C-SCRM practices to improve financial firm performance.
To the best of the authors’ knowledge, this paper is the first to empirically investigate C-SCRM based on NIST 2.0 in the context of SMEs.
