Cybersecurity Awareness and Adoption among SMEs in Colombo, Sri Lanka

Abstract

This study investigates the cybersecurity awareness and adoption levels among Small and Medium sized Enterprises (SMEs) in Colombo, Sri Lanka, amidst increasing digital transformation. SMEs contribute significantly to the local economy but often lack the necessary resources and expertise to implement robust cybersecurity measures. This leaves them vulnerable to various cyber threats such as phishing, ransomware, and data breaches. Using a quantitative survey-based approach, data was collected from 200 SMEs across multiple sectors in Colombo. Analysis revealed that while basic awareness exists, advanced knowledge about evolving threats and preventive strategies is limited. Financial constraints, lack of dedicated IT personnel, and low prioritization of cybersecurity further hinder effective adoption. The study recommends tailored awareness programs, financial incentives, and collaborative cybersecurity initiatives involving the government, industry associations, and technology providers. These strategies aim to enhance cyber resilience among SMEs, ensuring their sustainable contribution to the digital economy of Sri Lanka.