Cyber Resilience Capabilities and their Impact on Small and Medium-Sized Enterprise Business Continuity in Emerging Economies

Small and Medium sized Enterprises, SMEs, represent the vital economic backbone of emerging economies, yet they contend with an increasingly asymmetric threat environment characterised by sophisticated cyberattacks and severe resource scarcity (Sultan, 2025; Hadap et al., 2025). This paper provides an empirical investigation into the necessary link between robust Cyber Resilience, CR, capabilities and the effective achievement of Business Continuity, BC, in these resource constrained settings. By synthesising existing empirical data on the quantifiable economic and operational risks of cyber incidents, this study asserts that traditional, reactive BC planning is insufficient, robust proactive CR is an indispensable prerequisite for sustainable operational survival (Splunk, 2025; Everbridge, 2025; Sultan, 2025). Findings indicate that successful breaches impose substantial financial losses, averaging $30,000 USD for sampled SMEs post breach, alongside significant operational downtime, evidenced by a mean system disruption of 12.5 hours (Sonkar et al., 2025). This level of disruption is linked to an estimated 60 per cent business failure rate among unprepared small businesses following a major cyber attack (Sonkar et al., 2025). The paper details strategic, cost-effective interventions including risk-based governance, high return on investment employee training, and the leveraging of scalable open-source security stacks, all of which offer a pragmatic pathway for SMEs to enhance their defences and secure long-term viability in the digital economy (Ejaz & Matthew, 2024; Ilca et al., 2023).

Cybersecurity, SMEs, Economic Impact, Financial Loss, Business Continuity, Cyber Resilience, Emerging Economies.

1. Cook, K. D. (2017). Effective Cyber Security Strategies for Small Businesses. Doctoral Dissertations, ScholarWorks, Walden University Research. [Google Scholar] [Crossref]

2. Ejaz, U., & Matthew, B. (2024). Cost effective cybersecurity solutions for SMEs: Balancing security needs and budget constraints. ResearchGate. [Google Scholar] [Crossref]

3. Everbridge Team, The. (2025). Business resilience vs business continuity. Everbridge Blog. [Google Scholar] [Crossref]

4. FACTS Asia. (2025). Cybersecurity and Cyber Resilience in the Global South. FACTS Asia Center Inc. [Google Scholar] [Crossref]

5. Gatdula, J. R. (2025). The PRC’s Evolving Cyber Laws and Implications for Southeast Asia’s Digital Economy and Integration. New Perspectives on Asia, CSIS. [Google Scholar] [Crossref]

6. Hadap, M. K., Mehta, A. K., Narsimlu, G., Jawarkar, P., Kaluvala, V., & Chaturvedi, A. K. (2025). An empirical study on the economic impact of cybersecurity breaches and computer fraud on SMEs. Metallurgical and Materials Engineering, 31(2). [Google Scholar] [Crossref]

7. Ilca, L. F., Lucian, O. P., & Balan, T. C. (2023). Enhancing cyber resilience for small and medium sized organizations with prescriptive malware analysis, detection and response. Sensors, 23(15), 6757. [Google Scholar] [Crossref]

8. KPMG/FCDO. (2023). Cybersecurity toolkits for SMEs – Strengthening the cybercrime defences of Nigerian small businesses. Cybil Portal. [Google Scholar] [Crossref]

9. Kuehm, K. (2025). How to optimize RPO and RTO in disaster recovery plans. MightyID. [Google Scholar] [Crossref]

10. Liuzzo, M., & Bovey, K. (2025). RPO and RTO: What’s the difference? Veeam Blog. [Google Scholar] [Crossref]

11. Liquid Intelligent Technologies. (2021). The evolving Cyber Security threat in Africa. Liquid Intelligent Technologies Cyber Security Report. [Google Scholar] [Crossref]

12. Munster Technological University Cybersecurity Research Group. (2025). SME cyber resilience: State of the sector 2025. [Google Scholar] [Crossref]

13. Sonkar, N., Verma, N., Kumar, A., Naqvi, D., & Nisa, Z. (2025). An empirical study on the economic impact of cybersecurity breaches and computer fraud on SMEs. Journal of Information Systems Engineering and Management, 10(7s). [Google Scholar] [Crossref]

14. Splunk Team, The. (2025). Business continuity vs. business resilience: What's the difference? Splunk Blogs. [Google Scholar] [Crossref]

15. Sultan, N. (2025). The nexus of cyber resilience and business continuity: A strategic imperative for small and medium enterprises in emerging economies. [Google Scholar] [Crossref]

16. Ugbebor, F., Aina, O., Abass, M., & Kushanu, D. (2024). Employee cybersecurity awareness training programs customized for SME contexts to reduce human error related security incidents. Journal of Knowledge Learning and Science Technology, 3(3), 382–409. [Google Scholar] [Crossref]

17. Vergara Cobos, E. (2024). Cybersecurity economics for emerging markets (World Bank e Book). [Google Scholar] [Crossref]

18. World Bank. (2024). Digital Transformation Drives Development in Africa. World Bank Results Briefs. [Google Scholar] [Crossref]

19. World Economic Forum (WEF). (2024). SMEs can turn cybersecurity risk into opportunity. Here's how. World Economic Forum. [Google Scholar] [Crossref]

• “Next-Generation Cybersecurity Through Blockchain and AI Synergy: A Paradigm Shift in Intelligent Threat Mitigation and Decentralised Security”
• Forensic Payroll Analytics for IPPIS: A Hybrid Anomaly-Detection Framework to Expose Payroll Fraud, Improve Data Governance, and Protect Employee Rights
• Factors Influencing Data Protection on Global Trade
• Development Of Artificial Intelligence-Based Model for Forensic Analysis of Cross-Platform Deepfakes
• Cyber Threats and Nigeria’s National Security: Assessing the Role of Regional Cooperation in West Africa