Small and Medium Businesses in Asia are under cyberattack
By: Ava Gian R. Emmanuel

According to the Asian Development Bank, Small and Medium Businesses (SMBs) play an important role in the economy. SMBs account for an average 97 percent of all enterprises in the Asia Pacific Region. They deserve top priority for protection against cyberattack.
While many small businesses have recently grown more conscious of the importance of digital defense, there is still a significant gap between their trust in their cybersecurity capabilities and their actual cyber-readiness. Only over 73 percent of SMBs in the region have a dedicated cybersecurity staff, and only 53% have antivirus solutions in place. However, as more small businesses move to work-from-home arrangements, the need to protect private and confidential data has become more critical.
The first line of defense is awareness and policy. SMBs are sometimes mistaken for being less vulnerable to cyberattacks than larger organizations. The reality is that, due to their limited resources, SMBs frequently use the same personnel to manage multiple business departments. As a result, their security systems are extremely vulnerable to external threats.
Furthermore, during periods of change or transition, new vulnerabilities frequently emerge. The COVID-19 epidemic has hastened the migration from physical to virtual workplaces, emboldening a burgeoning ecosystem of attackers who may take advantage of vulnerabilities presented by unprotected devices and networks.
As a result, it’s vital for SMB employees to learn about their company’s cybersecurity requirements, rules, and processes. Most importantly, knowing where and how their assets, gadgets, and data points are housed can help them avoid unintended disclosure of sensitive data.
Make use of resources that are freely available to the public. Regular audits can help SMBs understand the amount of protection they require, from work flow policies to data security processes. Fortunately, there are numerous public resources accessible to help in this procedure.
Republic Act No. 6977, otherwise known as the “Magna Carta for Micro, Small and Medium Enterprises (MSMEs)”, recognizes that MSMEs have the potential for more employment generation and economic growth and therefore can help provide a self-sufficient industrial foundation for the country. As such, the State shall support the MSMEs by providing programs for training in entrepreneurship and for skills development for labor; granting access to sources of funds; assuring them to a fair share of government contracts; complementing financing programs; instituting safeguards for the protection and stability of the credit delivery system; raising government efficiency and effectiveness in providing assistance; promoting linkages between large and small enterprises; making the private sector a partner in the task of building up MSMEs through the promotion and participation of private voluntary organizations, viable industry associations, and cooperatives; and assuring a balanced and sustainable development through the establishment of a feedback and evaluation mechanism that will monitor the economic contributions of the development of MSMEs.”
Look for basic, custom-made solutions that aren’t too expensive. SMBs, unlike larger companies, may not have the freedom to spend substantial amounts of money on cybersecurity since it may jeopardize other important company activities.
SMBs may more rapidly discover areas for orchestration and streamline cybersecurity operations by integrating their security systems and sticking to fewer products.
Lenovo’s subscription and “as-a-service” models, for example, provide SMBs with flexibility and cost-effectiveness without the need for additional staff.
Be on the lookout for supply chain-based attacks, which are becoming more common. Many small businesses work with larger corporations. However, these collaborations may have unforeseen cybersecurity repercussions.
SMBs build a shared identity with these firms as contractors or vendors, and they become a part of their supply chain. Businesses anticipate regular security evaluations and onboarding due diligence from the company in question in these instances. Cyber thieves take advantage of this intentional or unintentional breach of confidence between two systems, resulting in supply chain-based assaults.
As a result, businesses have begun to make significant modifications to their vetting procedures. Some companies are creating a zero-trust network design, in which vendors must demonstrate that they have followed the company’s compliance requirements. Furthermore, SMBs are being put under growing pressure to comply with cybersecurity rules that businesses are incorporating into contractor agreements.
Seek assistance from industry experts. With an ill-equipped IT security workforce, remote and hybrid work can put SMBs at risk. SMBs frequently lack time to explore new and emerging security threats since they are focused on growing their core company. As a result, obsolete and inefficient technology are overused to detect intrusions.
SMBs can combat this by forming collaborations with industry leaders and subject matter experts such as Lenovo. They take a consultative approach to discover pain points and apply use cases to identify important workflows that necessitate a strong infrastructure. In other words, enlisting the support of these specialists can assist SMBs in “protecting, detecting, responding, and recovering.”
Small and medium-sized businesses (SMBs) are the backbone of Asia’s economy, and they need to be safeguarded as the globe changes.