ISSN (Online): 2321-3418
server-injected
Economics and Management
Open Access

SMEs’ Resilience Toward Cyberattacks in Saudi Arabia: A Review Paper

DOI: 10.18535/ijsrm/v13i12.em13· Pages: 10162-10175· Vol. 13, No. 12, (2025)· Published: December 30, 2025
PDF
Views: 1,080 PDF downloads: 351

Abstract

This paper is a literature review of articles published in various journals and conference proceedings, examining the resilience of small and medium-sized enterprises (SMEs) in Saudi Arabia against cyberattacks, drawing on 19 peer-reviewed studies published between 2020 and 2025, the synthesis integrates empirical surveys, case studies, policy analyses, and comparative research. It intends to help scholars interested in the topic by presenting the issues that have been stated in the review. This review paper also highlights open topics that can be undertaken in future research, The findings reveal that SME resilience is multidimensional, shaped by four interdependent pillars: technological tools, organizational strategies, policy support, and employee training and awareness. Despite notable progress under Saudi’s Vision 2030, gaps persist in awareness, enforcement, and sectoral readiness. This review concludes with recommendations for policymakers, practitioners, and SME leaders, while highlighting limitations and future research opportunities in longitudinal assessments, sector-specific analyses, and evaluations of emerging technologies.

Keywords

CyberattackresilienceSMEsSaudi Arabia

References

  1. Adriko, A., & Nurse, J. R. C. (2024). Opportunities for cyber insurance to address the challenges of cyberattacks: Repercussions for SMEs. University of Sharjah Journal of Law Sciences, 22(1), 560–607. https://doi.org/10.36394/jls.v22.i1.20DOI ↗Google Scholar ↗
  2. Ahmed, N. N., & Nanath, K. (2021). Exploring cybersecurity ecosystem in the Middle East: Towards an SME recommender system. Journal of Cyber Security and Mobility, 511-536.Google Scholar ↗
  3. Albalawi, K. (2025). Opportunities for Cyber Insurance to Address the Challenges of Cyber Attacks: Repercussions for SMEs, University of Sharjah Journal for Law Sciences, 22(1). https//:doi.org/10.36394/jls.v22.i1.20DOI ↗Google Scholar ↗
  4. Alghamdi, S., & Abuabid, A. (2023). IoT Safeguarding in Saudi Tourism Sector: Crafting a Preliminary Security Model for Enhancing Cyber Resilience. International Journal on Recent and Innovation Trends in Computing and Communication, 11(9), 3847-3859.Google Scholar ↗
  5. Alghamdi, M., Alomari, S., & Alkatheri, M. (2024). Adopting Government Cyber Security Initiatives-A study of SMEs in Saudi Arabia. INTERNATIONAL JOURNAL, 3(10), 251-319.Google Scholar ↗
  6. Alharbi, F. (2025). Twelve Years of Cyber Resilience: Analyzing Cyberattacks in Saudi Arabia (2012-2024). TEM Journal, 14(2).Google Scholar ↗
  7. Al-Hawamleh, A. M. (2024). Investigating the multifaceted dynamics of cybersecurity practices and their impact on the quality of e-government services: evidence from the KSA. Digital Policy, Regulation and Governance, 26(3), 317-336.Google Scholar ↗
  8. Alhejaili, M. O. M. (2024). SECURING THE KINGDOM'S E-COMMERCE FRONTIER: EVALUATION OF SAUDI ARABIA'S CYBERSECURITY LEGAL FRAMEWORKS. Journal of Governance and Regulation/Volume. virtusinterpress. Org.Google Scholar ↗
  9. Almoaigel, M. F., & Abuabid, A. (2023). Implementation of Cybersecurity Situation Awareness Model in Saudi SMES. International Journal of Advanced Computer Science & Applications, 14(11).Google Scholar ↗
  10. Alorabi, S., & Abuanzeh, R. (2024). The Role of Risk Management in Enhancing Cybersecurity for Small and Medium Enterprises (SMEs) in Saudi Arabia “Applied Study”. International Journal of Financial, Administrative and Economic Sciences, London Vol (3), No (10), 2024. https://doi.org/10.59992/IJFAES.2024.v3n10p7DOI ↗Google Scholar ↗
  11. Al Oraini, B. (2024). The moderating role of organizational readiness on the blockchain adoption in supply chain among Saudi SMEs. Uncertain Supply Chain Management 12 (2024) 2479–2488. doi: 10.5267/j.uscm.2024.5.021DOI ↗Google Scholar ↗
  12. Al-Somali, S. A., Saqr, R. R., Asiri, A. M., & Al-Somali, N. A. (2024). Organizational cybersecurity systems and sustainable business performance of small and medium enterprises (SMEs) in Saudi Arabia: The mediating and moderating role of cybersecurity resilience and organizational culture. Sustainability, 16(5), 1880.Google Scholar ↗
  13. Al-Zahrani, A. A., & Al-Salloum, O. I. (2025). Success Factors in Achieving Excellence in Cybersecurity (A Case Study of the Kingdom of Saudi Arabia). International Journal of Research and Studies Publishing, 6(68), 59-87.Google Scholar ↗
  14. Asfahani, A. M. (2024). Perceptions of organizational responsibility for cybersecurity in Saudi Arabia: a moderated mediation analysis. International Journal of Information Security, 23(4), 2515-2530.Google Scholar ↗
  15. Elmaasrawy, H. E., & Tawfik, O. I. (2025). Impact of the assertive and advisory role of internal auditing on proactive measures to enhance cybersecurity: Evidence from GCC. Journal of Science and Technology Policy Management, 16(1), 68-93.Google Scholar ↗
  16. GCC, A. (2024). Forecasting cybersecurity indices for GCC countries: Implications for SMEs. Arabian Journal of Information Security, 5(2), 89–104. https://doi.org/10.1109/AJIS.2024.10234DOI ↗Google Scholar ↗
  17. Naqvi, B., Perova, K., Farooq, A., Makhdoom, I., Oyedeji, S., and Porras, J. (2023). Mitigation strategies against the phishing attacks: A systematic literature review. Computers & Security, 132:103387.Google Scholar ↗
  18. Patterson, C.M., Nurse, J.R.C., and Franqueira, V. N. L. (2023). Learning from cyber security incidents: A systematic review and future research agenda. Computers & Security, 132:103309.Google Scholar ↗
  19. Rawindaran, N., Nawaf, L., Alarifi, S., Alghazzawi, D., Carroll, F., Katib, I., & Hewage, C. (2023). Enhancing cyber security governance and policy for SMEs in industry 5.0: a comparative study between Saudi Arabia and the United Kingdom. Digital, 3(3), 200-231.Google Scholar ↗
  20. Renaud, K., & Ophoff, J. (2021). A cyber situational awareness model to predict the implementation of cyber security controls and precautions by SMEs. Organizational Cybersecurity Journal: Practice, Process and People, 1(1), 24-46.Google Scholar ↗
  21. Varma, A. J., Taleb, N., Said, R. A., Ghazal, T. M., Ahmad, M., Alzoubi, H. M., & Alshurideh, M. (2023). A roadmap for SMEs to adopt an AI based cyber threat intelligence. In The effect of information technology on business and marketing intelligence systems (pp. 1903-1926). Cham: Springer International Publishing.Google Scholar ↗
Author details
Saleh Alarifi
Taif University Saudi Arabia
✉ Corresponding Author
👤 View Profile →