A recent survey conducted by ESET has revealed a worrying propensity among Singapore's Small-and-Medium Businesses (SMBs) to consider paying ransom demands in the face of ransomware attacks. The ESET SMB Cybersecurity Report, which gathered insights from over 1,400 IT professionals in the Asia-Pacific region, indicates that 88% of Singaporean SMB respondents might contemplate paying cybercriminals during such incidents.
Despite their general confidence in their cybersecurity defences, 65% of these organisations have encountered breach attempts or actual incidents over the past year. The findings underscore a pronounced vulnerability, with 85% of SMBs admitting they are at greater risk of cyberattacks compared to larger firms.
The looming threat of ransomware and AI-enhanced cyber risks
Singapore SMBs are particularly concerned about the dangers posed by ransomware and AI-enhanced threats. An alarming 83% are worried about ransomware risks, and 89% consider the loss of data as one of the top five business consequences of cyberattacks. Parvinder Walia, President of Asia Pacific and Japan for ESET, emphasised the critical need for robust security measures. “Our report indicates that while SMBs have confidence in their security measures and IT expertise, most have still experienced cybersecurity incidents over the past year. This heightened vulnerability, especially compared to larger enterprises, highlights the urgent need for SMBs to strengthen their security frameworks. It is also essential for SMBs to recognise that paying cybercriminals only fuels further cybercrime. Instead, their focus should be on adopting proactive strategies to thwart potential attacks. ESET remains dedicated to empowering SMBs with cutting-edge solutions and expert guidance to enhance their cybersecurity defences and safeguard businesses from persistent threats,” said Walia.
Addressing cybersecurity challenges and future protective measures
The scarcity of employee cyber awareness and the challenges brought on by generative AI are identified as significant risks, with 49% and 43% of SMBs respectively highlighting these as issues. Additionally, 46% of SMBs see their own employees as a substantial risk factor.
Despite expressing high confidence in their cyber resilience, many SMBs report challenges such as the lack of a dedicated cybersecurity team and difficulties in keeping abreast of the latest threats. In response to security breaches or signs of a potential data security incident, SMBs have adopted various strategies to strengthen their cybersecurity, including conducting detailed cybersecurity risk audits and enhancing employee training.
Looking forward, 32% of SMBs anticipate increasing their cybersecurity budget in the next 12 months, focusing on deploying new tools and strategies like vulnerability and patch management, full-disk encryption, and multi-factor authentication. Furthermore, about 22% are contemplating outsourcing some or all of their cybersecurity responsibilities to bolster their defences.
The ESET study, conducted in collaboration with market research firm Blackbox, aims to enrich the understanding of cybersecurity attitudes and practices among SMBs throughout the region.
