Resumen
Like most companies, small and medium-sized enterprises (SMEs) have become reliant on digital technology for their day-to-day business operations. However, while valuable, this comes with challenges; one of which is the increase in cybercrime. In terms of their cybersecurity resilience and risk, SMEs are among the most vulnerable and least mature. This article addresses a gap in the literature that has neglected cybersecurity readiness in SMEs. The study proposes a CyberSecurity Readiness Model (CSRM) based on a Socio-Technical view of organizations. The model was used in a multiple case study on three Italian SMEs to evaluate SMEs cybersecurity readiness and further understand the environment and strategies that could be adopted to prevent and manage cyber-attacks.