IDEAS home Printed from https://ideas.repec.org/a/gam/jsusta/v15y2023i4p3516-d1068419.html
   My bibliography  Save this article

Identification of SMEs in the Critical Factors of an IS Backup System Using a Three-Stage Advanced Hybrid MDM–AHP Model

Author

Listed:
  • You-Shyang Chen

    (College of Management, National Chin-Yi University of Technology, Taichung 411030, Taiwan)

  • Jerome Chih-Lung Chou

    (Department of Information Management, Hwa Hsia University of Technology, New Taipei City 235, Taiwan)

  • Yu-Sheng Lin

    (Executive Doctoral Business Administration, Danphine University of Business, CEDEX 16, 75775 Paris, France)

  • Ying-Hsun Hung

    (Department of Finance, Chaoyang University of Technology, Taichung 413310, Taiwan)

  • Xuan-Han Chen

    (Department of Information Management, Hwa Hsia University of Technology, New Taipei City 235, Taiwan)

Abstract

Backup system work represents “the last mile” of information security (IS). To avoid data loss or damage, enterprises should execute data backup periodically to ensure the integrity and availability of such data. Additionally, due to the continuous emergence of IS incidents featuring malicious attacks in recent years, major firms in countries around the world have successively reported being under attack by ransomware viruses. In particular, small and medium enterprises (SMEs) became the potential targets of malicious attacks based on their different types of IS awareness and degrees of digitalization; therefore, IS work has become one of the essential topics with special significance for numerous SMEs. To this end, this paper studied the factors influencing SMEs’ adoption of IS backup systems in the hope that the critical decision-making behaviors of SMEs regarding the issue of IS could be learned. Practical suggestions can be made for the marketing schemes adopted by IS manufacturers concerning the planning of IS backup systems. Thus, this study used three methodological stages to address the exciting issue of IS backup systems for SMEs. In the first stage, 11 factors at two hierarchies involving three constructs influencing SMEs’ adoption of IS backup systems were summarized via a literature review. The constructs included financial consideration (FC), the IS incident, and business IS decision making (BISD-M). In the second stage, an expert questionnaire was applied; an advanced hybrid modified Delphi method (MDM) and analytic hierarchy process (AHP) with expert input were constructed to identify the sorting of overall weights based on the 11 factors included in the first stage. Following the empirical conclusions, the top three critical factors were “disaster loss amount”, “enterprise’s downtime”, and “supplier’s contractual requirements”. The conclusions of this study indicated that two factors were included in the FC construct; thus, the FC construct influenced IS the most, and the BISD-M construct took second place. In the final stage, through re-checking three actual cases, the results of this study were verified with specific respect to the FC. In conclusion, to popularize IS backup systems among SMEs and fully implement IS, manufacturers may start from the FC in the hope that the severe impact caused by IS incidents featuring malicious attacks can be slowed down and the losses encountered can be lowered. The empirical results and conclusions of this study can be used for reference by SMEs, and both theoretical and empirical foundations have been provided for further studies in academic circles; the results above also show a significant application contribution of this study.

Suggested Citation

  • You-Shyang Chen & Jerome Chih-Lung Chou & Yu-Sheng Lin & Ying-Hsun Hung & Xuan-Han Chen, 2023. "Identification of SMEs in the Critical Factors of an IS Backup System Using a Three-Stage Advanced Hybrid MDM–AHP Model," Sustainability, MDPI, vol. 15(4), pages 1-29, February.
    • Handle: RePEc:gam:jsusta:v:15:y:2023:i:4:p:3516-:d:1068419
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2071-1050/15/4/3516/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/2071-1050/15/4/3516/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Eunkyung Kweon & Hansol Lee & Sangmi Chai & Kyeongwon Yoo, 2021. "The Utility of Information Security Training and Education on Cybersecurity Incidents: An empirical evidence," Information Systems Frontiers, Springer, vol. 23(2), pages 361-373, April.
    2. Tsui-Yuan Chang & Hsi-Peng Lu & Tain-Yi Luor & Ping-Wu Chang, 2022. "Weighting of Firefighting Turnout Gear Risk Factors According to Expert Opinion," Sustainability, MDPI, vol. 14(12), pages 1-12, June.
    3. Adhirath Kapoor & Ankur Gupta & Rajesh Gupta & Sudeep Tanwar & Gulshan Sharma & Innocent E. Davidson, 2021. "Ransomware Detection, Avoidance, and Mitigation Scheme: A Review and Future Directions," Sustainability, MDPI, vol. 14(1), pages 1-24, December.
    4. Margareta Heidt & Jin P. Gerlach & Peter Buxmann, 2019. "Investigating the Security Divide between SME and Large Companies: How SME Characteristics Influence Organizational IT Security Investments," Information Systems Frontiers, Springer, vol. 21(6), pages 1285-1305, December.
    5. Benz, Michael & Chatterjee, Dave, 2020. "Calculated risk? A cybersecurity evaluation tool for SMEs," Business Horizons, Elsevier, vol. 63(4), pages 531-540.
    6. Nidhal Marzougui & Nadia Ounalli & Sonia Sabbahi & Tarek Fezzani & Farah Abidi & Sihem Jebari & Sourour Melki & Ronny Berndtsson & Walid Oueslati, 2022. "How Can Sewage Sludge Use in Sustainable Tunisian Agriculture Be Increased?," Sustainability, MDPI, vol. 14(21), pages 1-22, October.
    7. Matthew P. Gray & Erin F. Barreto & Diana J. Schreier & John A. Kellum & Kangho Suh & Kianoush B. Kashani & Andrew D. Rule & Sandra L. Kane-Gill, 2022. "Consensus Obtained for the Nephrotoxic Potential of 167 Drugs in Adult Critically Ill Patients Using a Modified Delphi Method," Drug Safety, Springer, vol. 45(4), pages 389-398, April.
    8. Heidt, Margareta & Gerlach, Jin & Buxmann, Peter, 2019. "Investigating the Security Divide between SME and Large Companies: How SME Characteristics Influence Organizational IT Security Investments," Publications of Darmstadt Technical University, Institute for Business Studies (BWL) 118284, Darmstadt Technical University, Department of Business Administration, Economics and Law, Institute for Business Studies (BWL).
    9. Mazhar Javed Awan & Umar Farooq & Hafiz Muhammad Aqeel Babar & Awais Yasin & Haitham Nobanee & Muzammil Hussain & Owais Hakeem & Azlan Mohd Zain, 2021. "Real-Time DDoS Attack Detection System Using Big Data Approach," Sustainability, MDPI, vol. 13(19), pages 1-19, September.
    10. Rafi Ashrafi & Haitham AlKindi, 2022. "A framework for IS/IT disaster recovery planning," International Journal of Business Continuity and Risk Management, Inderscience Enterprises Ltd, vol. 12(1), pages 1-21.
    11. Zongxiang Wang & Tianhao Chen & Wei Li & Kai Zhang & Jianwu Qi, 2023. "Construction and Demonstration of the Evaluation System of Public Participation Level in Urban Planning Based on the Participatory Video of ‘General Will—Particular Will’," Sustainability, MDPI, vol. 15(2), pages 1-17, January.
    12. Yoram Wind & Thomas L. Saaty, 1980. "Marketing Applications of the Analytic Hierarchy Process," Management Science, INFORMS, vol. 26(7), pages 641-658, July.
    13. Fan Wang & Yao Lu & Jin Li & Juan Ni, 2021. "Evaluating Environmentally Sustainable Development Based on the PSR Framework and Variable Weigh Analytic Hierarchy Process," IJERPH, MDPI, vol. 18(6), pages 1-16, March.
    14. Antonio Santos-Olmo & Luis Enrique Sánchez & Ismael Caballero & Sara Camacho & Eduardo Fernandez-Medina, 2016. "The Importance of the Security Culture in SMEs as Regards the Correct Management of the Security of Their Assets," Future Internet, MDPI, vol. 8(3), pages 1-27, July.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Tejaswini C. Herath & Hemantha S. B. Herath & David Cullum, 2023. "An Information Security Performance Measurement Tool for Senior Managers: Balanced Scorecard Integration for Security Governance and Control Frameworks," Information Systems Frontiers, Springer, vol. 25(2), pages 681-721, April.
    2. Abderrazak Laghouag & Faiz bin Zafrah & Mohamed Rafik Noor Mohamed Qureshi & Alhussain Ali Sahli, 2024. "Eliminating Non-Value-Added Activities and Optimizing Manufacturing Processes Using Process Mining: A Stock of Challenges for Family SMEs," Sustainability, MDPI, vol. 16(4), pages 1-20, February.
    3. Chenglong Zhang & Nan Feng & Jianjian Chen & Dahui Li & Minqiang Li, 0. "Outsourcing Strategies for Information Security: Correlated Losses and Security Externalities," Information Systems Frontiers, Springer, vol. 0, pages 1-18.
    4. Simon Kratzer & Andreas Drechsler & Markus Westner & Susanne Strahringer, 2022. "The Fractional CIO in SMEs: conceptualization and research agenda," Information Systems and e-Business Management, Springer, vol. 20(3), pages 581-611, September.
    5. Chenglong Zhang & Nan Feng & Jianjian Chen & Dahui Li & Minqiang Li, 2021. "Outsourcing Strategies for Information Security: Correlated Losses and Security Externalities," Information Systems Frontiers, Springer, vol. 23(3), pages 773-790, June.
    6. Elvira Ismagilova & Laurie Hughes & Nripendra P. Rana & Yogesh K. Dwivedi, 2022. "Security, Privacy and Risks Within Smart Cities: Literature Review and Development of a Smart City Interaction Framework," Information Systems Frontiers, Springer, vol. 24(2), pages 393-414, April.
    7. Marcel Rolf Pfeifer, 2021. "Development of a Smart Manufacturing Execution System Architecture for SMEs: A Czech Case Study," Sustainability, MDPI, vol. 13(18), pages 1-23, September.
    8. Charlotte Wendt & Martin Adam & Alexander Benlian & Sascha Kraus, 2022. "Let’s Connect to Keep the Distance: How SMEs Leverage Information and Communication Technologies to Address the COVID-19 Crisis," Information Systems Frontiers, Springer, vol. 24(4), pages 1061-1079, August.
    9. Federico Iannacci & Colm Fearon & Kristine Pole, 2021. "From Acceptance to Adaptive Acceptance of Social Media Policy Change: a Set-Theoretic Analysis of B2B SMEs," Information Systems Frontiers, Springer, vol. 23(3), pages 663-680, June.
    10. Alessandro Acquisti & Tamara Dinev & Mark Keil, 2019. "Editorial: Special issue on cyber security, privacy and ethics of information systems," Information Systems Frontiers, Springer, vol. 21(6), pages 1203-1205, December.
    11. Banai, Reza, 2010. "Evaluation of land use-transportation systems with the Analytic Network Process," The Journal of Transport and Land Use, Center for Transportation Studies, University of Minnesota, vol. 3(1), pages 85-112.
    12. Fatih Yiğit & Şakir Esnaf, 2021. "A new Fuzzy C-Means and AHP-based three-phased approach for multiple criteria ABC inventory classification," Journal of Intelligent Manufacturing, Springer, vol. 32(6), pages 1517-1528, August.
    13. Rachele Corticelli & Margherita Pazzini & Cecilia Mazzoli & Claudio Lantieri & Annarita Ferrante & Valeria Vignali, 2022. "Urban Regeneration and Soft Mobility: The Case Study of the Rimini Canal Port in Italy," Sustainability, MDPI, vol. 14(21), pages 1-27, November.
    14. Lin, Sheng-Hau & Zhao, Xiaofeng & Wu, Jiuxing & Liang, Fachao & Li, Jia-Hsuan & Lai, Ren-Ji & Hsieh, Jing-Chzi & Tzeng, Gwo-Hshiung, 2021. "An evaluation framework for developing green infrastructure by using a new hybrid multiple attribute decision-making model for promoting environmental sustainability," Socio-Economic Planning Sciences, Elsevier, vol. 75(C).
    15. Pishchulov, Grigory & Trautrims, Alexander & Chesney, Thomas & Gold, Stefan & Schwab, Leila, 2019. "The Voting Analytic Hierarchy Process revisited: A revised method with application to sustainable supplier selection," International Journal of Production Economics, Elsevier, vol. 211(C), pages 166-179.
    16. Seung-Jin Han & Won-Jae Lee & So-Hee Kim & Sang-Hoon Yoon & Hyunwoong Pyun, 2022. "Assessing Expected Long-term Benefits for the Olympic Games: Delphi-AHP Approach from Korean Olympic Experts," SAGE Open, , vol. 12(4), pages 21582440221, December.
    17. Denys Yemshanov & Frank H. Koch & Yakov Ben‐Haim & Marla Downing & Frank Sapio & Marty Siltanen, 2013. "A New Multicriteria Risk Mapping Approach Based on a Multiattribute Frontier Concept," Risk Analysis, John Wiley & Sons, vol. 33(9), pages 1694-1709, September.
    18. Seyed Rakhshan & Ali Kamyad & Sohrab Effati, 2015. "Ranking decision-making units by using combination of analytical hierarchical process method and Tchebycheff model in data envelopment analysis," Annals of Operations Research, Springer, vol. 226(1), pages 505-525, March.
    19. V. Srinivasan & G. Shainesh & Anand K. Sharma, 2015. "An approach to prioritize customer-based, cost-effective service enhancements," The Service Industries Journal, Taylor & Francis Journals, vol. 35(14), pages 747-762, October.
    20. Mónica García-Melón & Blanca Pérez-Gladish & Tomás Gómez-Navarro & Paz Mendez-Rodriguez, 2016. "Assessing mutual funds’ corporate social responsibility: a multistakeholder-AHP based methodology," Annals of Operations Research, Springer, vol. 244(2), pages 475-503, September.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jsusta:v:15:y:2023:i:4:p:3516-:d:1068419. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.