Small and Medium Businesses in Asia are under cyberattack
By: Ava Gian R. Emmanuel
According to the Asian Development Bank, Small and Medium Businesses (SMBs) play an important role in the economy. SMBs account for an average 97 percent of all enterprises in the Asia Pacific Region. They deserve top priority for protection against cyberattack.
While many small businesses have recently grown more conscious of the importance of digital defense, there is still a significant gap between their trust in their cybersecurity capabilities and their actual cyber-readiness. Only over 73 percent of SMBs in the region have a dedicated cybersecurity staff, and only 53% have antivirus solutions in place. However, as more small businesses move to work-from-home arrangements, the need to protect private and confidential data has become more critical.
The first line of defense is awareness and policy. SMBs are sometimes mistaken for being less vulnerable to cyberattacks than larger organizations. The reality is that, due to their limited resources, SMBs frequently use the same personnel to manage multiple business departments. As a result, their security systems are extremely vulnerable to external threats.
Furthermore, during periods of change or transition, new vulnerabilities frequently emerge. The COVID-19 epidemic has hastened the migration from physical to virtual workplaces, emboldening a burgeoning ecosystem of attackers who may take advantage of vulnerabilities presented by unprotected devices and networks.
As a result, it’s vital for SMB employees to learn about their company’s cybersecurity requirements, rules, and processes. Most importantly, knowing where and how their assets, gadgets, and data points are housed can help them avoid unintended disclosure of sensitive data.
Make use of resources that are freely available to the public. Regular audits can help SMBs understand the amount of protection they require, from work flow policies to data security processes. Fortunately, there are numerous public resources accessible to help in this procedure.
Republic Act No. 6977, otherwise known as the “Magna Carta for Micro, Small and Medium Enterprises (MSMEs)”, recognizes that MSMEs have the potential for more employment generation and economic growth and therefore can help provide a self-sufficient industrial foundation for the country. As such, the State shall support the MSMEs by providing programs for training in entrepreneurship and for skills development for labor; granting access to sources of funds; assuring them to a fair share of government contracts; complementing financing programs; instituting safeguards for the protection and stability of the credit delivery system; raising government efficiency and effectiveness in providing assistance; promoting linkages between large and small enterprises; making the private sector a partner in the task of building up MSMEs through the promotion and participation of private voluntary organizations, viable industry associations, and cooperatives; and assuring a balanced and sustainable development through the establishment of a feedback and evaluation mechanism that will monitor the economic contributions of the development of MSMEs.”
Look for basic, custom-made solutions that aren’t too expensive. SMBs, unlike larger companies, may not have the freedom to spend substantial amounts of money on cybersecurity since it may jeopardize other important company activities.
SMBs may more rapidly discover areas for orchestration and streamline cybersecurity operations by integrating their security systems and sticking to fewer products.
Lenovo’s subscription and “as-a-service” models, for example, provide SMBs with flexibility and cost-effectiveness without the need for additional staff.
Be on the lookout for supply chain-based attacks, which are becoming more common. Many small businesses work with larger corporations. However, these collaborations may have unforeseen cybersecurity repercussions.
SMBs build a shared identity with these firms as contractors or vendors, and they become a part of their supply chain. Businesses anticipate regular security evaluations and onboarding due diligence from the company in question in these instances. Cyber thieves take advantage of this intentional or unintentional breach of confidence between two systems, resulting in supply chain-based assaults.
As a result, businesses have begun to make significant modifications to their vetting procedures. Some companies are creating a zero-trust network design, in which vendors must demonstrate that they have followed the company’s compliance requirements. Furthermore, SMBs are being put under growing pressure to comply with cybersecurity rules that businesses are incorporating into contractor agreements.
Seek assistance from industry experts. With an ill-equipped IT security workforce, remote and hybrid work can put SMBs at risk. SMBs frequently lack time to explore new and emerging security threats since they are focused on growing their core company. As a result, obsolete and inefficient technology are overused to detect intrusions.
SMBs can combat this by forming collaborations with industry leaders and subject matter experts such as Lenovo. They take a consultative approach to discover pain points and apply use cases to identify important workflows that necessitate a strong infrastructure. In other words, enlisting the support of these specialists can assist SMBs in “protecting, detecting, responding, and recovering.”
Small and medium-sized businesses (SMBs) are the backbone of Asia’s economy, and they need to be safeguarded as the globe changes.
Wow good job darling
Good job , I’ve learned a lot
Wow Dear! This is amazing. You’re an angel to the business world.
VERY NICE
OK
According to Verizon’s 2020 Data Breach Investigations Report; 43 percent of cyber attacks target small businesses, especially those in the legal, insurance, retail, financial, and healthcare sectors.
This requires staying up to date on the latest cyberthreats. Small business can search online security vendor sites and trade publications to stay educated.
A successful cyber attack can cause major damage in business.
We encourage offline storage for both Small and Large Businesses, rather than online clouds. It’s better to lose a day’s worth of information, than a years worth or ten years worth.
Most small business lacks even basic security measures. A malware attack could do a lot of damage to those businessmen.
Every business should have a hardware firewall, software firewall (internet security), and antivirus software. Businesses need to meet PCI compliance standards.
Most small businesses run on the edge of failure simply because they can’t weather major catastrophe without serious reserves in cash or diversity of business income streams and most simply don’t have that.
you mean fail? Most small businesses have insurance, if one is hit by a malware attack the cost of that attack can – unless there is gross negligence involved, be obviated and offset by the coverage provided by the insurance or the way that the business responds to their customers. ie. does something about it that is positive.
A malware attack could make employees unable to use their PCs and thus miss important deadlines. It also could lead to loss of important data. Even worse is the chance of sensitive data falling into the wrong hands.
If you know what malware is a suspect you know ways already how to disrupt a business’s systems. But disruption of cashflow could be very damaging.
All sorts of ways. Small businesses often operate on very thin margins, especially during their first couple of years when they are just getting established… So a malware attack that damages the company in any way that makes it unprofitable can cause it to go under.
Unfortunately, SMEs only take security seriously for compliance purposes, or when they get to know that they are hacked!
Data, whether is of a aristocratic firm or a beginning firm, is equally important. There’s nothing like the exposed data of small companies become invisible for hackers to exploit. Its noteworthy to remember the fact that 61% of small businesses fell victims to cyber attacks. Hence, Security for every digitized company is undeniably mandatory!
Small businesses stay small because they do not take advantage of technology. There is no reason why they should worry about cyber security.
Unfortunately, I feel that it is largely to do with the fact that cybersecurity is still very much considered a ‘cost center’, meaning it brings no value or revenue to their business.
Previously, the principle of security by obscurity protected small businesses. However, a social attack such as phishing can destroy a small business immediately, so it’s wise for businesses to use secure systems such as chip readers.
Small businesses are considered to have loopholes and weaknesses in their systems, which makes them easy targets for cybercriminals.
Unfortunately, cybersecurity is still very much considered a ‘cost center’, meaning it brings no value or revenue to their business.
A lot of small businesses owners are pretty clueless about computers, programming, security
Best cybersecurity tools for a small business: starts with staff awareness. You can have all the various security “tools” in the world and all it takes is one negligent or careless employee to click without thinking and all of it will be compromised or circumvented.