Abstract:
This study investigates the cybersecurity awareness and adoption levels among Small and Medium sized Enterprises (SMEs) in Colombo, Sri Lanka, amidst increasing digital transformation. SMEs contribute
significantly to the local economy but often lack the necessary resources and expertise to implement robust
cybersecurity measures. This leaves them vulnerable to various cyber threats such as phishing, ransomware, and
data breaches. Using a quantitative survey-based approach, data was collected from 200 SMEs across multiple
sectors in Colombo. Analysis revealed that while basic awareness exists, advanced knowledge about evolving
threats and preventive strategies is limited. Financial constraints, lack of dedicated IT personnel, and low
prioritization of cybersecurity further hinder effective adoption. The study recommends tailored awareness
programs, financial incentives, and collaborative cybersecurity initiatives involving the government, industry
associations, and technology providers. These strategies aim to enhance cyber resilience among SMEs, ensuring
their sustainable contribution to the digital economy of Sri Lanka.