OVER the past two years, the pandemic has necessitated small and medium-sized enterprises (SMEs) to digitalise in order to better survive the economic uncertainty.
However, despite the need for digitalisation to maintain growth, many SMEs are still reluctant.
A study by the SME Association of Malaysia has found that with only 26% of SMEs choosing to digitalise their businesses, another 57% have not done so.
Meanwhile, another survey by SME Corporation Malaysia and Huawei found that SMEs who had adopted digitalisation mostly utilised social media by 60% and mobile internet 63.8%, with a small number implementing data analytics by 6.3%.
This is indicative of the wide room for growth in optimising the benefits of digitalisation among SMEs.
Even though e-commerce has boomed during the pandemic, including marketing via social media, many SMEs have not broadly taken holistic steps to protect themselves against threats like cyberattacks, which can cause significant harm, estimated to be as much as RM51 bil.
According to a report by the Malaysian Digital Economy Corporation (MDEC), 84% of SMEs are experiencing cyberthreat incidents and 76% suffer from more than one threat.
When it comes to the new ways of working, with many businesses continuing to practice working from home in the long term, business owners need to get serious about the risks that come with operating remotely from home.
Small businesses are vulnerable to the same threats as home internet users such as malicious emails, phishing attacks, fraud and malware.
Besides, these put business operations at risk if such attacks infect the corporate network and affect customer and financial data.
Furthermore, many SMEs have been found to believe that they are unlikely to become victims of cyberattacks due to their small business structure.
A report by Chubb published before the pandemic found that 67% of Malaysian SMEs believed that they are less likely to become victims compared to larger corporations, yet the same report found that 84% of SMEs were victims of cyberattacks in 2018.
Indeed, with the sharp rise in working from home since the pandemic, cybercriminals are targeting vulnerable internet users across the board without differentiating between business and home internet users.
Remote work also creates a security risk where personnel working outside business-based secure networks can become the target of cybercrime such as ransomware attacks.
A report by CyberSecurity Malaysia found that in August 2021, 58 cases of ransomware attacks were reported with 30 coming from organisations and businesses.
With ransomware attacks threatening serious financial damage that small businesses typically cannot afford, it is critical for SMEs to invest in cybersecurity to mitigate these risks.
The cost factor
Even though awareness is growing among SMEs, the factor of cost and lack of in-house expertise are still barriers in acquiring appropriate and sufficient cybersecurity protection.
Today, cybersecurity service providers have introduced more and more plans and services targeted towards SMEs with limited resources and budgets.
The truth is, there are many cybersecurity solutions available to large enterprises but there are few designed to cater to the cybersecurity needs of SMEs.
SMEs need an accessible subscription-based service instead of making upfront investments into hardware, for cost efficiency.
They need solutions that are easier to deploy and manage, given a smaller IT department and needing to manage services support from service providers to address the potential lack of in-house cybersecurity expertise.
Now is the right time for service providers to step up to fill this gap. – Feb 6, 2022
Vignesa Moorthy is the CEO of ViewQwest, a regional telecommunications service provider of managed network and security solutions, domestic and global connectivity, and other managed ICT services.
The views expressed are solely of the author and do not necessarily reflect those of Focus Malaysia.