Tools
Tools
Awan, Mujtaba 
ORCID: https://orcid.org/0000-0001-9055-2869, Alam, Abu S, Khan, Rafiq Ahmad, Alwageed, Hathal Salamah, Ayouni, Sarra and Almagrabi, Alaa Omran
(2026)
A generative AI-driven cybersecurity framework for small and medium enterprises software development: an ANN-ISM approach.
Scientific Reports.
doi:10.1038/s41598-026-37614-8
(In Press)
Preview |
Text
15873 Mujtaba Awan et al. (2026) A generative AI-driven cybersecurity framework for small and medium enterprises software development-an ANN-ISM approach.pdf - Accepted Version Available under License Creative Commons Attribution Non-commercial No Derivatives 4.0. Download (3MB) | Preview |
Abstract
This paper presents an AI-based generative model to address the cybersecurity threats in software development for Small and Medium Enterprises (SMEs). The model aims to address the unique challenges SMEs face in implementing effective cybersecurity practices by leveraging generative AI to enhance threat detection, prevention, and response. Initially, we conducted a multivocal literature review (MLR) and an empirical survey to identify and validate cybersecurity threats and the generative AI practices used in secure software development for SMEs. An expert panel review was then assigned for the process of artificial neural network (ANN) and interpretive structural model (ISM). The ANN model can predict potential cybersecurity threats by learning from historical data and software development patterns. ISM is used to (1) structure and visualize (2) relations between identified threats and mitigation approaches and (3) offer a combined, multi-layered risk management methodology. A case study was conducted to evaluate the effectiveness of the proposed model. The evaluation has shown that the model significantly enhances SME online security and enables rapid adoption of sophisticated AI-based practices for detecting and responding to primary and advanced cyber threats. Phishing and ransomware received high assessments (Advanced), whereas some advanced techniques, e.g., AI-guided evasion and zero-day attacks, were at early stages of development (Understanding and Development). The general results indicated that generative AI can help organizations enhance SME cybersecurity, and some efforts are underway to develop use cases for advanced threats further. The AI-based generative model is a viable and scalable approach to the cybersecurity of SME software development. Such AI-based practices will enable SMEs to effectively protect themselves against various cyber threats systematically. Future studies should focus on developing contemporary threat strategies and on the impediments to global implementation, particularly in less resource-rich settings.
| Item Type: | Article |
|---|---|
| Article Type: | Article |
| Uncontrolled Keywords: | Software Development; Small and Medium Enterprises (SMEs); Cybersecurity Threats; Generative AI Practices; Multivocal Literature Review; Empirical Survey; ANN-ISM; Case Study |
| Subjects: | H Social Sciences > HD Industries. Land use. Labor > HD2340.8 Small and Medium-sized businesses, artisans, handcrafts, trades H Social Sciences > HD Industries. Land use. Labor > HD28 Management. Industrial Management > HD61 Risk in industry. Risk management Q Science > Q Science (General) > Q336 Artificial intelligence Q Science > QA Mathematics > QA76 Computer software |
| Divisions: | Schools and Research Institutes > School of Business, Computing and Social Sciences |
| Depositing User: | Kamila Niekoraniec |
| Date Deposited: | 10 Mar 2026 00:31 |
| Last Modified: | 12 Mar 2026 08:00 |
| URI: | https://eprints.glos.ac.uk/id/eprint/15873 |
University Staff: Request a correction | Repository Editors: Update this record
