An investigation has shown that 84% of small and medium-sized enterprises (SMEs) in Malaysia have been cyber-related incidents in the past year. According to the survey, 67% of local SMEs mistakenly believe that big business is at greater risk of cyber attack than small business.
"In fact, smaller businesses are more exposed to cyber attacks because of their size and resources their as well as lack capital for investing in cyberspace management tools, "Andrew Taylor told Kuala Lumpur yesterday.
The report was prepared based on a survey by 1.400 respondents from 400 SMEs in Malaysia, Australia (400), Hong Kong (300) and Singapore (300). Respondents included 82% executives and 18% senior executives or managers under the board of directors from companies with up to two 249 employees. The investigation revealed that there was a difference in the size of cybersecurity preparedness for SMEs.
Of the companies with 100-249 employees, 70% had emergency data breach plans compared to 53% in smaller SMEs with fewer than 50 employees.
Malaysian Small and Medium Enterprises (SMEs) responded to cyber attacks faster than other markets surveyed, with 67% continuing their operations within 12 hours of one incident in cyberspace. Two-thirds (66%) reported that all stakeholders were aware that the appropriate protocol and crisis response was proceeding as planned, the report said.
The survey also found that 48% of cyber-related incidents were caused by human error with customer records being the most frequently violated, with 40% of businesses facing customer file violations last year.
Other types of cyber incidents that were common among SMEs, such as the breakdown of the computer network, which affected 44% of businesses, and 35% were affected by ransomware and phishing, where employees hit clicked on some malicious link that came through them e-mail.
He said any industry that uses computers for business transactions is exposed to digital threats. "Most small and medium-sized enterprises rely heavily on technology for their transactions. "This is a real issue, especially for small and medium-sized enterprises. "They need to be concerned, as they affect their cash flow and livelihood," Taylor said.
He added that it is important to note that when recovering the files from the data breach, 16% of SMEs did not take steps to prevent recurring cyber incidents. Around 14% of businesses examined security and processing procedures after an incident in cyberspace, but they did no further ενέργειες.
"Sometimes, these companies do not know exactly how to help themselves. "There should be support through training to make sure they are aware of what exactly to do in such cases."
With human error being the most common type of cyber incident, the study reports that 37% of their leaders SME:said their employees' poor perception of potential cyber threats is a challenge to their ability to protect their businesses from the dangers they face.
Adding to this, 20% of SMEs believed that their employees were the weakest link in cyber defense and 41% believed that employees neglected their data protection responsibilities.
Taylor said that Μαλαισία had the highest number of cyber accidents out of the four countries studied.
However, 63% of companies increased security protection and processed data after a data breach, and 55% notified affected parties of a data breach after a cyber incident.
The survey also found that 70% of SMEs believe that insurance companies play an important role in helping businesses protect themselves from cyber risks.
Despite this, 60% also believes that the industry is not moving fast enough to keep up with the rapidly evolving cyberspace. Steve Crouch said a large number of small and medium-sized businesses are expected to fall victim to cyberattacks this year.
"Unfortunately, it seems that many SMEs in Malaysia mistakenly believed that their general insurance covers cyberspace, when in fact they probably do not. "Given the large share of the economy made up of small and medium-sized enterprises in the country, this is a critical issue to be addressed," he said.