Enabling SME Participation in Cybersecurity Information Sharing: A Human-Centric, Socio-Technical Model
摘要
Cybersecurity Information Sharing (CIS) among Small and Medium-sized Enterprises (SMEs) is increasingly recognized as essential for collective threat mitigation, yet participation remains low due to complex human, social, and organizational barriers. Underpinned by Social Cognitive Theory (SCT) this study explores how human factors such as trust, leadership engagement, awareness levels, and communication practices influence CIS participation within SME ecosystems. Drawing on academic literature and analysis of primary quantitative and qualitative data, we present a socio-technical model that conceptualizes CIS as a form of digital crowdsourcing, embedded within informal and semi-formal social networks. Our findings indicate that SME participation in CIS is significantly enhanced when trust-building practices, cultural alignment, and role-specific awareness are actively supported through peer influence and community-based engagement mechanisms. The proposed model identifies the conditions under which SMEs are most likely to share security intelligence, including personalization of tools, clear governance structures, and inter-organizational trust scaffolding. This work emphasizes the role of social structures and crowdsourcing dynamics in driving effective cybersecurity engagement, offering practical implications for designing inclusive, scalable, and human-aware CIS platforms tailored for resource-constrained SMEs. This work contributes to broader efforts in boosting cyber resilience through socially grounded, technology-supported approaches.