arbiter
JournalsAccount

Cybersecurity in accounting: challenges and strategies for SME resilience

Isabel Maldonado et al.

Journal of Accounting & Organizational Change2026https://doi.org/10.1108/jaoc-07-2025-0267article
AJG 2ABDC B
Weight
0.50

Abstract

Purpose The purpose of this study is to examine how behavioural (employee knowledge, attitudes and secure practices) and structural (technical safeguards and external IS integration) cybersecurity factors affect the quality of accounting information systems (QAIS) and, in turn, accounting information quality (QAI) in small and medium-sized enterprises. Design/methodology/approach A cross-sectional survey of Portuguese certified accountants and financial managers (n = 60) was analysed using Partial Least Squares Structural Equation Modelling (PLS-SEM) to test a mediated model linking cybersecurity practices to QAIS and QAI. Findings Behavioural cybersecurity dimensions significantly enhance QAIS, whereas structural controls show no direct effect, reflecting SMEs’ resource constraints. QAIS strongly predicts QAI, confirming its mediating role between cybersecurity practices and financial data quality. Research limitations/implications The small, single-country sample and self-reported measures limit generalisability and raise potential common method bias; future studies should adopt longitudinal or multi-method designs and explore emerging technologies (e.g. AI and blockchain) in SMEs. Practical implications Low-cost, behaviour-focused interventions (training, awareness and reinforcement of secure routines) can meaningfully improve QAIS and QAI when sophisticated cybersecurity infrastructure is unattainable; policy support (subsidies, shared services) can mitigate structural gaps. Social implications Strengthening SME cybersecurity behaviour and system quality enhances the reliability of financial reporting, supporting stakeholder trust, compliance and sustainable economic resilience. Originality/value This study extends behavioural cybersecurity models (e.g. HAIS-Q) into an accounting context and empirically validates QAIS as a strategic mediator connecting cybersecurity behaviours with financial reporting integrity in resource-constrained SMEs, a setting underrepresented in prior research.

Open via your library →

Cite this paper

https://doi.org/https://doi.org/10.1108/jaoc-07-2025-0267

Or copy a formatted citation

@article{isabel2026,
  title        = {{Cybersecurity in accounting: challenges and strategies for SME resilience}},
  author       = {Isabel Maldonado et al.},
  journal      = {Journal of Accounting & Organizational Change},
  year         = {2026},
  doi          = {https://doi.org/https://doi.org/10.1108/jaoc-07-2025-0267},
}

Paste directly into BibTeX, Zotero, or your reference manager.

Flag this paper

Cybersecurity in accounting: challenges and strategies for SME resilience

Flags are reviewed by the Arbiter methodology team within 5 business days.

Evidence weight

0.50

Balanced mode · F 0.40 / M 0.15 / V 0.05 / R 0.40

F · citation impact0.50 × 0.4 = 0.20
M · momentum0.50 × 0.15 = 0.07
V · venue signal0.50 × 0.05 = 0.03
R · text relevance †0.50 × 0.4 = 0.20

† Text relevance is estimated at 0.50 on the detail page — for your query’s actual relevance score, open this paper from a search result.