Providing a Cybersecurity Evaluation Model for Small and Medium Enterprises (SME) (Case Study: Hamoon Nayzeh Pipe Manufacturing Company)

In this study, an effort has been made to design and present a comprehensive and systematic framework for evaluating cybersecurity in small and medium enterprises (SMEs) based on the meta-synthesis approach. This research aims to identify existing models and provide solutions for assessing and improving the cybersecurity status in such companies. The present study is qualitative and utilizes the meta-synthesis approach to analyze and integrate the results of previous research. In this research, all articles published in reputable scientific journals (ISI), books, theses, and internal and external scientific reports related to cybersecurity in SMEs, especially in areas such as cyber threats, data protection, risk management, and security solutions, from 2015 to 2024 were collected and analyzed. After coding and analysis, key factors effective in evaluating the cybersecurity of SMEs were identified. The results from the data analysis indicate that cybersecurity evaluation in SMEs requires a multidimensional approach that, in addition to addressing cyber threats, also considers cultural and organizational aspects. The proposed framework includes various components such as cyber risk assessment, vulnerability identification, evaluating training needs and employee awareness, analyzing cyber threats and attacks, and developing comprehensive security policies. Moreover, the proposed model emphasizes the importance of establishing resilient security infrastructures against threats and utilizing advanced technological tools such as Intrusion Detection Systems (IDS), firewalls, and data encryption. In this study, an effort has been made to design and present a comprehensive and systematic framework for evaluating cybersecurity in small and medium enterprises (SMEs) based on the meta-synthesis approach. This research aims to identify existing models and provide solutions for assessing and improving the cybersecurity status in such companies. The present study is qualitative and utilizes the meta-synthesis approach to analyze and integrate the results of previous research. In this research, all articles published in reputable scientific journals (ISI), books, theses, and internal and external scientific reports related to cybersecurity in SMEs, especially in areas such as cyber threats, data protection, risk management, and security solutions, from 2015 to 2024 were collected and analyzed. After coding and analysis, key factors effective in evaluating the cybersecurity of SMEs were identified. The results from the data analysis indicate that cybersecurity evaluation in SMEs requires a multidimensional approach that, in addition to addressing cyber threats, also considers cultural and organizational aspects. The proposed framework includes various components such as cyber risk assessment, vulnerability identification, evaluating training needs and employee awareness, analyzing cyber threats and attacks, and developing comprehensive security policies. Moreover, the proposed model emphasizes the importance of establishing resilient security infrastructures against threats and utilizing advanced technological tools such as Intrusion Detection Systems (IDS), firewalls, and data encryption.