Over half of small businesses within the Asia Pacific region who suffered a cyber attack in the past year lost $500,000 or more, study finds

A report by Cisco has revealed the extent to which small businesses (SMBs) are suffering from cyber attacks within the Asia Pacific region. 

One in two (56 percent) SMBs in this part of the world suffered a cyber incident in the last 12 months, and of those that did, 51 percent said these cost the business US$500,000 or more. As well as this, 75 percent said they lost customer information due to the incident. 

In the survey conducted between April and July, 83 percent of those suffering an attack reported that it cost them in excess of $100,000 and 13 percent had an incident costing more than $1 million. 

“Small and medium-sized businesses (SMBs) in Asia Pacific are exposed, under attack, and more worried about cybersecurity threats than before,” said Cisco. 

According to the report, 75 percent of SMBs say they are more worried about cybersecurity now than 12 months ago and 84 percent feel exposed to cyber threats. 

The sample of the survey included 3,750 businesses employing between 10 – 999 employees within 14 countries in the region. For the SMBs in the study, the most prominent form of attack was malware, affecting 85 percent. The second most prominent was phishing, with 70 percent saying they were victims of this form of attack. 

“The number one reason highlighted as the cause of these incidents was cybersecurity solutions not being adequate to detect or prevent the attack. More than a third (39 percent) of those that suffered incidents ranked this as the top factor. Meanwhile, 33 percent ranked not having cybersecurity solutions as the number one reason,” said the company. 

The report also found that SMBs that suffered an attack also endured other consequences. Small businesses: 

• lost internal emails (62 percent) 
• lost employee data (61 percent) 
• lost intellectual property (61 percent) 
• lost financial information (61 percent) 
• had disrupted operations (62 percent) 
• saw a negative impact on reputation (66 percent) 
• lost customer trust (57 percent) 

“The accelerated pace of digitalization over the last 18 months has fuelled a critical need for SMBs to invest in solutions and capabilities to ensure they are safeguarding themselves on the cybersecurity front,” said Bidhan Roy, Managing Director, Commercial Enterprise & Mid-market Segment, Asia Pacific, Japan & Greater China, Cisco.  

“This is because the more digital they become, the more attractive a target they are for malicious actors.” 

“While the growing cybersecurity concerns among SMBs may be seen as negative by some, it is actually an encouraging sign as it demonstrates increased levels of awareness and understanding of cyber risks, which is the first step in improving the security posture.”  

The study found that those who completed exercises in simulation, 85 percent uncovered weak points in their defences. Of these, 95 percent revealed issues with not having the correct technology to detect a cyber-attack or threat. The same percentage found they had too many technologies and struggled to integrate them together. 

Kerry Singleton, Managing Director for Cybersecurity in Asia Pacific, Japan and China at Cisco, commented that “Cybersecurity is evolving rapidly. This is being driven by trends like the expanding attack surface, move to multi-cloud, rise of hybrid work, as well as new security requirements and regulations.” 

“It is therefore crucial for businesses, regardless of their size, to not only have the right solutions to detect, block, and remediate any cyber threats but also visibility across their userbase and entire infrastructure,” she continued. 

“As they embark on their digitalization journeys, SMBs have a unique opportunity to lay the right foundation for their security posture and build their business on a strong foundation of trust.” 

This report into the Asia Pacific region could act as an eye-opener for other regions globally. Securiwiser provides an effective solution to assess potential vulnerabilities in a smaller business’ infrastructure to help them remain protected from potential cyber threats and the consequences which almost inevitably follow.