Implementation of the National Cyber Security Framework (NCSF) on SMEs/MSMEs Using Websites and Digital Applications: A Systematic Literature Review

As the use of information and communication technology (ICT) continues to grow, the threat to national security posed by cyberattacks is also increasing. This study aims to evaluate the implementation of the National Cybersecurity Framework (NCF) for SMEs/MSMEs utilizing websites and digital applications. Using a systematic literature review approach, this research examines the implementation of the NCF in Indonesian SMEs/MSMEs, the key challenges encountered and its comparison with the application of similar frameworks in other countries. The findings reveal that, while the NCF encompasses critical aspects such as identification, protection, detection, response, and recovery, several weaknesses persist in its implementation. Challenges include resource constraints, a lack of cybersecurity awareness, and limited leadership support at the organizational level. The study also highlights that best practices from other countries, such as integration with CIS Controls or similar frameworks, can provide valuable insights for enhancing the NCF's implementation in Indonesia. This research is expected to contribute to strengthening national cybersecurity policies and strategies, improving SMEs/MSMEs' preparedness in addressing cyber threats, and ensuring the protection of critical data and infrastructure, which are becoming increasingly essential in the digital era.