Tech giant Cisco found that more than half of local small and medium businesses (SMBs) suffered from cyber incidents in the last 12 months and these incidents may have cost many of them as much as P50 million.
In its recent report titled Cybersecurity for SMBs: Asia Pacific Businesses Prepare for Digital Defense, Cisco said 57 percent of Philippine SMBs were attacked by cybercriminals over the past year.
Of the figure, 28 percent reported that they lost $500,000 or about P25 million due to the cyber attacks. Some even lost as much as $1 million or P50 million.
The most common types of cyberattacks were malware and phishing, according to the report.
These facts, the report added, made SMBs more “apprehensive about cybersecurity risks,” with 89 percent believing that they are “exposed to cyber threats.”
“Over the past 18 months, SMBs have leveraged technology to continue to operate and serve their customers even as they tackled the implications of the pandemic. This has seen an acceleration in digitalization of SMBs across Philippines, Cisco Philippines OIC Managing Director Robin Llamas said.
“As SMBs become more digital, they also become a more attractive a target for malicious actors, not least because digitalized businesses have an expanded attach surface that hackers can target. In addition, digitalized SMBs generate more data, which the malicious actors put a high price on. All of this is fueling a critical need for them to invest in solutions and capabilities to ensure they are safeguarding themselves on the cybersecurity front.”
Cyberattacks resulted in lost customer and employee data, as well as lost sensitive business information, internal emails, financial information, and even intellectual property.
Sixty-five percent of SMBs believe that these attacks also had a negative impact on their reputation.
Disruptions caused by cyber incidents can have serious implications for SMBs, according to Llamas, including service interruption due to downtime—some even had to close down shop.
He noted that the scale of the challenge is highlighted by the fact that only 9 percent of respondents in Philippines said they were able to detect a cyber incident within an hour. The number of those that were able to remediate a cyber incident within an hour was also the same.
“It is critical for SMBs to be able to detect, investigate, and block or remediate any cyber incident in the shortest time possible. To be able to do that, they need solutions that are easy to deploy and use, integrate well with each other, and help them automate capabilities like detection, blocking, and remediation of cyber incidents,” Cisco Asean Director for Cybersecurity Juan Huat Koo added.
He noted that businesses may also leverage the cloud to beef up their cybersecurity systems.
Philippine businesses, however, are also preparing for cyberattacks. The study found that 77 percent of SMBs “have completed scenario planning and/or simulations for potential cybersecurity incidents in the past 12 months.”
“Cybersecurity is evolving rapidly. This is being driven by trends like the expanding attack surface, move to multi-cloud, rise of hybrid work, as well as new security requirements and regulations. As they embark on their digitalization journeys, SMBs have a unique opportunity to lay the right foundation for their security posture and build their business on a strong foundation of trust,” Cisco Managing Director for Cybersecurity in Asia Pacific Kerry Singleton said.