Saved in:
Bibliographic Details
Main Authors: Abdelmagid, Ahmed M., Ezell, Barry C., McShane, Michael
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2601.06553
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866918281338683392
author Abdelmagid, Ahmed M.
Ezell, Barry C.
McShane, Michael
author_facet Abdelmagid, Ahmed M.
Ezell, Barry C.
McShane, Michael
contents Small-Medium Businesses (SMBs) are essential to global economies yet remain highly vulnerable to cyberattacks due to limited budgets, inadequate cybersecurity expertise, and underestimation of cyber risks. Their increasing reliance on digital infrastructures has expanded their attack surfaces, exposing them to sophisticated and evolving threats. Consequently, implementing proactive, adaptive security measures has become imperative. This research investigates the effectiveness of Zero Trust Architecture (ZTA) as a sustainable cybersecurity solution tailored to SMBs. While ZTA adoption has been examined broadly, the specific financial, organizational, and capability constraints of SMBs remain underexplored. This study develops an integrated predictive model to assess both the feasibility and risk-mitigation potential of ZTA implementation. The model consists of two sub-models. The first sub-model evaluates the probability of successful ZTA adoption considering implied barriers, and the second tests the effectiveness of ZTA in responding to prevalent cyberattacks. The integrated model predicts the risk level in the presence of ZTA and quantifies the uncertainty of the extent to which ZTA can enhance SMBs' cyber resilience, contributing novel insights for practitioners and stakeholders seeking to enhance compliance with policies, risk, and governance activities in SMBs.
format Preprint
id arxiv_https___arxiv_org_abs_2601_06553
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle A Bayesian Network-Driven Zero Trust Model for Cyber Risk Quantification in Small-Medium Businesses
Abdelmagid, Ahmed M.
Ezell, Barry C.
McShane, Michael
Cryptography and Security
Small-Medium Businesses (SMBs) are essential to global economies yet remain highly vulnerable to cyberattacks due to limited budgets, inadequate cybersecurity expertise, and underestimation of cyber risks. Their increasing reliance on digital infrastructures has expanded their attack surfaces, exposing them to sophisticated and evolving threats. Consequently, implementing proactive, adaptive security measures has become imperative. This research investigates the effectiveness of Zero Trust Architecture (ZTA) as a sustainable cybersecurity solution tailored to SMBs. While ZTA adoption has been examined broadly, the specific financial, organizational, and capability constraints of SMBs remain underexplored. This study develops an integrated predictive model to assess both the feasibility and risk-mitigation potential of ZTA implementation. The model consists of two sub-models. The first sub-model evaluates the probability of successful ZTA adoption considering implied barriers, and the second tests the effectiveness of ZTA in responding to prevalent cyberattacks. The integrated model predicts the risk level in the presence of ZTA and quantifies the uncertainty of the extent to which ZTA can enhance SMBs' cyber resilience, contributing novel insights for practitioners and stakeholders seeking to enhance compliance with policies, risk, and governance activities in SMBs.
title A Bayesian Network-Driven Zero Trust Model for Cyber Risk Quantification in Small-Medium Businesses
topic Cryptography and Security
url https://arxiv.org/abs/2601.06553