How can SMEs start investing in their cybersecurity?
Flexxon CEO Camellia Chan talks about the hurdles faced by smaller businesses when it comes to staying safe online.
The risk of cybersecurity breaches has become more prevalent the longer people stay in quarantine and rely on the internet to keep in contact with each other. According to the latest data from the Cyber Security Agency of Singapore, cyberthreats have been on the rise since 2018, with 8,941 cases recorded last year.
Two of the most common malicious cyber activities in 2020 had a common victim: small and medium enterprises (SMEs). Not only were smaller businesses often a target of ransomware attacks, but they also face website defacements as well.
These attacks could have dire consequences on one’s business, from loss of revenue to business closures.
Flexxon Founder and CEO Camellia Chan said there are three key hurdles faced by SMEs when it comes to investing in cybersecurity: awareness, cost, and talent (ACT).
“For SMEs, cybersecurity is not something that directly impacts their day-to-day business, performance, or growth. Because of this, many often lack awareness and understanding or may take the risks of cyber-attacks lightly. Without the technical capabilities, expertise, and training to address such threats, many SMEs find themselves ill-equipped to implement the necessary steps to protect their data,” Chan said in an interview with Singapore Business Review.
Often, the lack of awareness will lead SME owners to prioritise business productivity and revenue gains without adequate protection from cyber-attacks. Whilst most people have the basic protection of having anti-virus software installed on their devices, Chan said that this would not suffice.
“Many cybersecurity solutions employed in the current market, such as anti-virus software, still need to be able to identify and recognise the threats before they act. To do this, they must rely on constant updates to identify the latest threats, and failure to do so could invite unknown actors to exploit the system’s vulnerabilities and cause irreparable damage. At the rate new viruses and cybercrime methods are emerging, this is a never-ending race in which current software and signature-based protection just cannot keep pace with,” she said.
The cost of having an effective cybersecurity system is undoubtedly something that business owners must invest financial resources to continually upgrade and maintain. But the costs might outweigh the risk of having their business data copied, stolen, lost, or ransomed, or of having their brand image damaged by a hack.
“SMEs need to realise that what’s most important is not the number of financial resources poured into cybersecurity, but the effectiveness of cybersecurity solutions invested in. Thus, it is important to have a firm understanding of the cyber threat landscape, so that they can set the implement the most effective safeguards to protect their data,” Chan said.
Singaporeans have the recourse of going to a trusted cybersecurity agency, like the CSA, for guidance and recommendations.
“With their guidance and recommendations, business owners can have a cybersecurity audit done to identify any existing problem areas in their infrastructure. This ties back to helping business owners build greater understanding and awareness of their current architecture, as well as the growing relevance and importance of cybersecurity in today’s digitally connected world,” said the Flexxon CEO.
Business owners can also approach the Infocomm Media Development Authority for readily available solutions and to check their eligibility for government grants to help with the costs of building their cybersecurity infrastructure. They can also avail of programmes to grow and nurture their tech talent pool, such as Enterprise Singapore’s Capability Development Grants for Human Capital Development.
“SMEs need to ACT to overcome these obstacles, so that they can have greater clarity on how to protect their business against cybersecurity challenges in an effective and sustainable manner, and focus on their true business objectives with a greater peace of mind,” Chan said.