Growing apprehension among SMBs in Asia Pacific as one in two suffer cyber attacks
A new study by Cisco shows small and medium-sized businesses in Asia Pacific are exposed, under attack, and more worried about cybersecurity threats than before.
According to the study, one in two small and medium-sized businesses (SMBs) across the region suffered a cyber incident in the past year. As a result, 75% lost customer information to malicious actors.
This is causing more apprehension among SMBs about cybersecurity risks, with 75% more concerned with cybersecurity now than they were 12 months ago and 84% feeling exposed to cyber threats.
The study, Cybersecurity for SMBs: Asia Pacific Businesses Prepare for Digital Defense, is based on an independent, double-blinded survey of over 3,700 business and IT leaders with cybersecurity responsibilities across 14 markets in Asia Pacific. The survey highlights that SMBs are aware of many methods in which attackers tried to infiltrate their systems. Malware attacks, affecting 85% of SMBs, topped the charts, followed by phishing, with 70% saying they experienced such attacks in the past year.
The number one highlighted cause are cybersecurity solutions being inadequate in detecting or preventing an attack. Over a third (39%) of those that suffered incidents ranked this as the top factor. Meanwhile, 33% ranked not having cybersecurity solutions as the number one reason.
These incidents are having a tangible impact on business. More than half (51%) of SMBs in the region say cyber incidents have cost the company US$500,000 or more, with 13% saying the cost was US$1 million or over.
"The accelerated pace of digitalisation over the last 18 months has fuelled a critical need for SMBs to invest in solutions and capabilities to ensure they are safeguarding themselves on the cybersecurity front," says Cisco Asia Pacific, Japan - Greater China, managing director, commercial enterprise - mid-market segment, Bidhan Roy.
"This is because the more digital they become, the more attractive a target they are for malicious actors. While the growing cybersecurity concerns among SMBs may be seen as negative by some, it's actually an encouraging sign as it demonstrates increased levels of awareness and understanding of cyber risks, which is the first step in improving the security posture."
Besides the loss of customer data, SMBs that suffered cyber incidents also lost internal emails (62%), employee data (61%), intellectual property (61%), and financial information (61%). In addition, 62% of those that suffered an incident say it disrupted operations, while 66% admitted it harmed their reputation, and more than half (57%) say it resulted in a loss of customer trust.
"Cybersecurity is evolving rapidly," says Cisco Asia Pacific, Japan, China, managing director, cybersecurity, Kerry Singleton.
"This is being driven by trends like the expanding attack surface, move to multi-cloud, the rise of hybrid work, as well as new security requirements and regulations. Therefore, it's crucial for businesses, regardless of their size, to have the right solutions to detect, block, and remediate any cyber threats and also visibility across their user base and entire infrastructure.
"As they embark on their digitalisation journeys, SMBs have a unique opportunity to lay the right foundation for their security posture and build their business on a strong foundation of trust."
The report highlights five recommendations that organisations of all sizes can employ to improve their cybersecurity posture given the ever-changing landscape:
- Having frequent discussions with senior leaders and all stakeholders
- Taking a simplified, integrated approach to cybersecurity
- Staying prepared by conducting real-world simulations
- Training and educating employees and working with the right technology partner