The effects of cyber-crime on e-commerce; a model for SMEs in Kenya
Technology has become the norm of various activities within our business. Its ubiquitous state has seen businesses adapting to innovative products and services to its customers, developing customer centric strategies in order to deliver customer friendly products and services to the target market. Since technology itself has become indispensable with it comes a tunnel of attack which affects the confidentiality, integrity and availability of information in businesses. Most assets for SMEs are usually vulnerable to cyber-attacks due to their business model hence unable to put in place structures to minimize or mitigate against attacks to their assets. SMEs fall victims of these attacks and this has resulted to either massive loss of businesses or closure of some SMEs. It is evident from this study that there is need to treat SMEs different in terms of cybercrime security from large pool of corporates. When Cybercrime attacks occur, organizations need to assess the damage and loss from this crime. While large organizations have the mechanisms to determine such losses, SMEs lack such capability and often ignore the need to implement effective information security measures. This study focusses on the various cyber-attacks that SMEs fall victims of. Further analysis was done on the various cybercrime models that are used by organization to counter cyber-attack. Most of the existing cybercrime models are reactive after a cyber-attack has been committed and are not specific on SMEs. Both qualitative and quantitative research methods were used in this study to collect data from various SMEs on cyber-crime attack. From the findings, it was very clear that most SMEs do not put emphasis or assign enough resources on cybercrime attack and yet fall victims of continuous attacks. The SMEs have minimal, or no expertise, to tackle cyber-crime and rely heavily on friends or the internet for cyber-attack information. Input from the existing models, secondary sources and collected data has enabled realization of the cybercrime model for SMEs which focusses on preventive, detective and reactive measures in the fight against cybercrime. There is also focus on the government and how they can come in strongly and support SMEs especially with use of the CERT systems in place, depending on the SMEs nature they can get advice and support in an event of a cyber-attack. This will enable SMEs reduce on their manpower and rely on the arm of the government for advise and support on Cybercrime activities.