Document Type

Article

Publication Date

2025

DOI

10.1111/risa.70026

Publication Title

Risk Analysis

Volume

Article in Press

Pages

25 pp.

Abstract

The growing sophistication of cyberattacks exposes small- and medium-sized businesses (SMBs) to a widening range of security risks. As these threats evolve in complexity, the need for advanced security measures becomes increasingly pressing. This necessitates a proactive approach to defending against potential cyber intrusions. Emerging technologies, such as blockchain, artificial intelligence, and Zero Trust security framework, offer crucial tools for strengthening the digital infrastructure of SMBs. The Zero Trust architecture (ZTA) holds significant promise as a critical strategy for protecting SMBs. While existing literature explores the implementation of ZTA in various business settings, discussions specifically addressing the financial, human resource, and capability limitations of SMBs remain scarce. Given the vital role of SMBs in the global economy, this research offers a valuable opportunity to bridge this gap and assist researchers and practitioners in enhancing the cybersecurity of SMBs through ZTA adoption by examining and classifying potential risks that may arise during the pre- and post-deployment phases of ZTA implementation within SMBs. The risks, benefits, and challenges of ZTA adoption are introduced from the unique perspective of SMBs. Practical solutions and mitigation strategies will be provided to address the identified ZT risks and streamline the migration process for SMBs. The findings of that research showed that ZTA will bolster the cybersecurity posture and reduce the cyber risk for SMBs only if they address its associated risks effectively. Future research directions underscore the need for more research to help SMBs migrate to ZTA and mitigate the risks it may pose.

Rights

© The Author(s)

This is an open access article under the terms of the Creative Commons Attribution NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) License, which permits use and distribution in any medium, provided the original work is properly cited, the use is non-commercial and no modifications or adaptations are made.

ORCID

0000-0003-2704-7477 (Abdelmagid), 0000-0002-8637-5967 (Diaz)

Original Publication Citation

Abdelmagid, A. M., & Diaz, R. (2025). Zero Trust architecture as a risk countermeasure in small-medium enterprises and advanced technology systems. Risk Analysis. Advance online publication. https://doi.org/10.1111/risa.70026

Download

Share

COinS