Human factors affecting favourable cyber security culture- A case of small and medium-sized enterprises SMEs providing enterprise wide information systems solutions in Nairobi city county in Kenya

This study purposed to examine the key human factors that impact on favourable cybersecurity culture in Kenyan SMEs premised in Nairobi City County and that provides enterprise wide Information Systems(IS) solutions. Primary data was collected through mail survey method from 34 SMEs that were selected from the official 2019 yellow pages Kenya online directory. The data collection tool was a structured questionnaire. To achieve this, quantitative research inform of descriptive research design was conducted. Judgmental sampling technique was used to choose respondents believed to have the required information relating to the objective of the study. The study concludes by emphasizing the need for adequate and consistent top management support and involvement in cybersecurity issues. It recommends that the top management need to strongly recognise their critical role in ensuring favourable culture of cybersecurity in organizations. Similar to road maps that clearly show direction and distance, the roadmap developed from this study can be used by cybersecurity practitioners to benchmark cybersecurity practices and processes in efforts to promote favourable cybersecurity culture in their organizations Keywords: Cyberattacks, enterprise wide IS solutions, human Factors, organizational security culture, cybersecurity roadmap, Small and Medium Enterprises(SMEs)