SMBs face growing cybersecurity threats, but basic measures can lower risks

    Published on:

    John M. Land Photography/Getty Images

    Small and medium-sized businesses (SMBs) face growing cybersecurity threats and may not have scalable resources, but even basic security measures pose a risk because they have a small attack surface to protect. It helps a lot to reduce it.

    Like small and medium-sized businesses around the world, Singapore’s small and medium-sized businesses have to deal with the growing number of cyber-attacks. In the first half of this year, 50 unique files containing malware or unwanted software masked as business applications were distributed to small and medium-sized businesses in Singapore, and 453 unique attacks were detected. This amount tripled compared to the same period last year, when 24 unique files were distributed and 112 unique attacks were detected, according to research published by security vendor Kaspersky Lab on Thursday.

    Also: The easiest thing you can do to keep your phone safe

    It expects the increase in online attacks to continue throughout this year and advises small and medium-sized businesses to remain vigilant against cyber threats such as phishing and email scams.

    Small and medium-sized businesses in Singapore were also targeted by ransomware attacks last year. According to statistics released by the Singapore Cyber ​​Security Authority (CSA), there were 132 ransomware incidents reported in 2022, with small and medium-sized businesses, particularly manufacturing and retail, being the most affected by such attacks. .

    The CSA said these companies are popular targets because they hold valuable information and intellectual property that cybercriminals want to exploit and use, and small and medium-sized businesses are at risk from cyber threats. He added that there is often a lack of dedicated resources to deal with this.

    Also: 3 ways to find malware-infected apps on your smartphone

    It may seem daunting, but even small organizations can reduce risk by paying attention to the basics.

    While most small and medium-sized enterprises may not have access to the scale or expertise of larger companies, they do have one advantage, said Janil Puthuchary, Singapore’s senior minister for communications and information.

    He noted that while small and medium-sized enterprises collectively make up a large portion of the country’s economy, individual companies remain relatively small. “This means the attack surface is relatively small and the risk is high. [an SMB] The main targets are relatively small compared to large companies,” Puthuchary said.

    “Accordingly, what [SMBs] “The need for proper cybersecurity may be different for large enterprises and those that form the backbone of their infrastructure,” he added. “Basic cybersecurity measures and hygiene practices are already very helpful in transformation.” [an SMB’s] Risk profile, such as installing antivirus software and performing proper backups of data. These are not prohibitive, they just require commitment and discipline to do them and see them through. ”

    Also: 5 easy ways to improve the security of your Android smartphone today

    He said the Singapore government is also offering support to strengthen the cybersecurity posture of SMEs, offering a free toolkit to guide SMEs on what they can do to protect themselves from cyber threats. Stated. CSA introduced the “Chief Information Security Officer as a Service” scheme earlier this year, offering eligible small and medium-sized businesses up to 70% financial support and customization to work with cybersecurity service providers to improve their security posture. provided the ability to develop a cybersecurity plan.

    “Cybersecurity is a team effort. Apart from government efforts, industry and community efforts are equally important and valuable in collectively strengthening our collective cyber defences,” said Singtel Cyber ​​Security this week.・Puchchary, who spoke at the launch of the Elevate program, said:

    Referring to the program, the Minister said that by bringing together various expertise, including legal and incident response experts, to conduct training workshops for small and medium-sized enterprises, they can strengthen their cyber resilience.

    The Cyber ​​Elevate program is a one-stop training and cyber incident management initiative aimed at providing small and medium-sized businesses with knowledge of best practices and legal frameworks. Singtel said it has also informed these companies of their obligations in the event of a cyber-attack.

    Also: Don’t want your phone to be hacked? Just do this one thing

    The program includes a variety of components, including audits, training and workshops, and legal and incident response services to assess cyber risk for small and medium-sized businesses. For example, participants will receive training on how to prioritize when systems are infected with malware and how to create workflows to identify cyber incidents. This program covers policies and legal frameworks such as Singapore’s Personal Data Protection Act and Computer Misuse Act.

    In the event of an attack, Singtel said its legal and forensic partners will provide guidance to affected small and medium-sized businesses on managing the incident from an operational, communications and business continuity perspective. Local cyber incident response vendor Blackpanda and law firm Drew & Napier are partners in the program.

    SMEs enrolling in the Cyber ​​Elevate program can apply for up to 90% government subsidy, but must have an annual turnover of no more than S$100 million or fewer than 200 employees.


    Leave a Reply

    Please enter your comment!
    Please enter your name here