Cyberattacks negatively impact the performance of enterprises all around the globe. While organizations invest more in cybersecurity to avoid cyberattacks, studies on the factors affecting their overall cybersecurity adoption and awareness are sparse. In this paper, by integrating the diffusion of innovation theory (DOI), technology acceptance model (TAM), and technology-organization-environment (TOE) with the balanced scorecard approach, we propose a comprehensive set of factors that influence cybersecurity adoption and assess the effects of these factors on organizational performance. Data are collected through a survey of IT experts in small and medium-sized enterprises (SMEs) in the United Kingdom, with 147 valid responses. Structural equation modeling based on a statistical package for the social sciences (SPSS) was used to assess the model. The findings identify and confirm the importance of eight factors affecting SMEs' cybersecurity adoption. Moreover, cybersecurity technology adoption is found to positively impacts organizational performance. The proposed framework depicts variables influencing cybersecurity technology adoption and assesses their importance. The outcomes of this study provide a basis for future research and can be adopted by IT and cybersecurity managers to identify the most appropriate cybersecurity technologies that positively impact their company's performance.
Keywords: Balanced scorecard; Cybersecurity; SMEs; Technology-organization-environment.
© The Author(s), under exclusive licence to Springer Nature Switzerland AG 2023, Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.