ESET recently unveiled its highly anticipated ESET APAC SMB Cybersecurity Report 2024, revealing alarming statistics about the rising tide of cyber threats faced by small and medium-sized businesses (SMBs) in the Asia-Pacific (APAC) region. The report highlights a record-breaking surge in previously unseen malware in 2023, with over 500,000 unique threats detected daily. Additionally, the number of reported software vulnerabilities hit an unprecedented high, emphasizing the growing complexity of the cybersecurity landscape.
Key findings from the report reveal that 73% of APAC SMBs experienced cybersecurity incidents last year, with ransomware-related incidents accounting for 25% of these cases. Alarmingly, 44% of these incidents were attributed to inadequate security measures, highlighting the pressing need for SMBs to bolster their defenses. In response to these challenges, 40% of SMBs indicated plans to increase their investment in cybersecurity over the coming year.
Parvinder Walia, President of Asia Pacific & Japan at ESET, emphasized the importance of understanding the real-world threats businesses face. “Our goal is not only to highlight the risks but also to empower businesses with the knowledge and tools they need to enhance their cybersecurity posture. The insights gathered from these reports are crucial for helping SMBs navigate the complex and ever-evolving cyber threat landscape.”
Walia further elaborated on the significant surge in malware and software vulnerabilities in 2023, noting that over 29,000 vulnerabilities were published, which threat actors could exploit to compromise business systems and steal valuable data. He stressed that this is not just a spike but a growing trend that SMBs cannot afford to ignore.
The report also shed light on the challenges SMBs face in maintaining robust cybersecurity defenses. Many SMBs struggle with system misconfigurations, outdated software, and insufficient defenses, leaving them vulnerable to cyberattacks. Additionally, third-party vendors, often small companies themselves, can become a weak link in the security chain if their defenses are not up to standard.
Tony Anscombe, Chief Security Evangelist at ESET, echoed these concerns, highlighting the global shortage of cybersecurity professionals. “There is a huge issue globally where we’re not getting the right level of people into cybersecurity careers. The education system significantly needs to fix this,” Anscombe stated, urging on the importance of education in addressing the cybersecurity skills gap.
Anscombe also discussed the rising trend of SMBs outsourcing their cybersecurity needs to managed service providers (MSPs) due to a lack of internal resources. He cautioned, however, that while outsourcing can be beneficial, responsibility for cybersecurity ultimately remains with the company, particularly in areas like employee cybersecurity awareness training.
The report’s findings accentuate the need for APAC SMBs to prioritize cybersecurity investments, with 40% of surveyed businesses planning to increase their cybersecurity budgets in the coming year. However, the willingness of a significant number of SMBs to pay ransoms in the event of an attack remains a troubling trend, particularly in India, where 96% of businesses indicated they would consider paying.