Over the past two years, the pandemic has necessitated SMEs to digitalise in order to better survive the resulting economic uncertainty. However, despite the need for digitalisation to maintain growth, many SMEs are still reluctant, a study by the SME Association of Malaysia has found, with only 26% of SMEs choosing to digitalise their businesses, while another 57% have not done so. Meanwhile, another survey by SME Corp and Huawei found that SMEs who had adopted digitalisation mostly utilised social media (60%) and mobile internet (63.8%), with a small number implementing data analytics (6.3%). This is indicative of the wide room for growth in optimising the benefits of digitalisation among SMEs.
Even though e-commerce has boomed during the pandemic, including marketing via social media, many SMEs have not broadly taken holistic steps to protect themselves against threats like cyberattacks, which can cause significant harm, estimated to be as much as RM51 billion, according to a report by the Malaysian Digital Economy Corporation (MDEC), with 84% of SMEs experiencing cyberthreat incidents and 76% suffering more than one threat.
When it comes to the new ways of working implemented due to the pandemic, with many businesses continuing to practice Working From Home in the long term to remain productive and resilient, business owners need to get serious about the risks that come with operating remotely from home. Small businesses are vulnerable to the same threats as home internet users, such as from malicious emails, phishing attacks, fraud and malware, and these put business operations at risk if such attacks infect the corporate network and affect customer and financial data.
At the same time, many SMEs have been found to believe that they are unlikely to become victims of cyberattacks due to their small business structure. A report by Chubb published before the pandemic found that 67% of Malaysian SMEs believed that they are less likely to become victims compared to larger corporations, yet the same report found that 84% of SME were a victim of cyberattacks in 2018. Indeed, with the sharp rise in working from home since the pandemic, cybercriminals are targeting vulnerable internet users across the board, without differentiating between business and home internet users.
Remote work also creates a security risk where personnel working outside business-based secure networks can become the target of cybercrime such as ransomware attacks. A report by CyberSecurity Malaysia found that in August 2021, 58 cases of ransomware attacks were reported, with 30 coming from organisations and businesses[4]. With ransomware attacks threatening serious financial damage that small businesses typically cannot afford, it is critical for SMEs to invest in cybersecurity to mitigate these risks.
The cost factor
While awareness is growing among SMEs, the factor of cost and lack of in-house expertise are still barriers to acquiring appropriate and sufficient cybersecurity protection. Today, cognisant of the needs of SMEs and acknowledging the growth in digitalisation in the wake of the pandemic, cybersecurity service providers have introduced more and more plans and services targeted towards SMEs with limited resources and budgets. For example, ViewQwest offers Secure Branch, its Firewall-as-a-Service offering powered by Palo Alto Networks’s Machine Learning-Powered Next-Generation Firewall (NGFW). Available from only RM180 per month, Secure Branch provides enterprise-grade network security designed for SMEs, delivering protection through complete visibility into all applications in use, Zero Trust Network Security, and securing encrypted traffic without compromising user privacy. All these are available as a customisable subscription-based service, where businesses can decide what security add-ons they want to add on top of the base offer.
The truth is, there are many cybersecurity solutions available to large enterprises, but there are few designed to cater to the cybersecurity needs of SMEs. SMEs need an accessible subscription-based service instead of making upfront investments into hardware, for cost-efficiency. They need solutions that are easier to deploy and manage given their smaller IT department, and they need managed services support from service providers to address the potential lack of in-house cybersecurity expertise. Now is the right time for service providers to step up to fill this gap.
By Vignesa Moorthy, CEO, ViewQwest
