As many as 40 per cent of small and medium businesses (SMBs) in Singapore were hit by a cyberattack in the past year, with many losing customer data as well as suffering financially, according to a report released yesterday by network equipment vendor Cisco.
Of those who suffered a “security incident”, the study showed, half got hit financially for at least US$500,000. Slightly more than half – 56 per cent – of those affected lost customer information to the cyberattackers.
Though cyberattacks have hit the headlines in the past two years, the figures will make for a sobering read for many SMBs here, which often lack the budget and manpower to tackle increasingly sophisticated threats.
If there is a silver lining, it is that Singapore SMBs at least fared slightly better than the average for Asia-Pacific, where 50 per cent suffered from cyberattacks and 75 per cent of those that got hit lost customer information.
The Cisco study, conducted with 3,700 business and IT leaders with cybersecurity responsibilities across 14 markets in the region this year, included 153 respondents in Singapore.
Besides losing customer data, Singapore SMBs that suffered a cyber incident also lost employee data (51 per cent), financial information (51 per cent), internal e-mails (49 per cent), sensitive business information (49 per cent) and money through financial fraud (49 per cent). In addition, 52 per cent admitted it had a negative impact on their reputation.
Disruptions were often devastating many SMBs. Ninety-three per cent of SMBs in Singapore said a downtime of anything more than an hour results in severe operational disruption, and 90 per cent said it would result in loss of revenue.
The study also highlighted the anxieties of many SMBs in Singapore, which have rushed to digitalise in the past year to overcome the restrictions of the pandemic but feel they are exposed to new threats today.
Sixty-seven per cent of them say they are more worried about cybersecurity than a year ago and 77 per cent feel exposed to cyber threats.
The more digital SMBs become, the more attractive a target they are for malicious actors, said Andy Lee, managing director for Cisco in Singapore and Brunei.
“While the growing cybersecurity concerns among SMBs may be seen as negative by some, it is actually an encouraging sign as it demonstrates increased levels of awareness and understanding of cyber risks, which is the first step in improving the security posture,” he said.
On the bright side, SMBs in Singapore seem to be taking cybersecurity more seriously. Eighty per cent have boosted cybersecurity investments since the start of the pandemic, according to the Cisco study.
They spent on cybersecurity solutions, compliance and monitoring, talent, training and insurance, showing an integrated approach to tackling online threats, it noted.