Small and medium-sized enterprises (SMEs) make up 97% of all businesses in Asia Pacific, and are more easily targeted by bad actors for various reasons. How do Managed Service Providers (MSPs) help?

A cyber-attack on a single SME might seem like an isolated incident, but its repercussions can ripple throughout the entire economy. This is especially so for Asia Pacific markets, where SMEs form the backbone of the economy, making up to 97% of all businesses.

With tech adoption comes risk, and SMEs need to ensure that their business and customers are protected. Fortunately, or otherwise, most SMEs depend on third parties for some or all of their digital infrastructure needs.

We find out from Daniel Garcia, Vice President and General Manager, APAC, Kaseya, about the risks and challenges SMEs face, and how MSPs can help mitigate them.

What are some latest technology trends shaping Asia Pacific’s SME landscape?

Daniel Garcia (DG): Some key trends observed include:

1. AI and automation
   Asia Pacific’s SMEs are riding a new wave of innovation, with generative AI (Gen AI), cloud computing, and automation standing out as top priorities. A recent DBS survey highlights this surge, revealing that 73% of SMEs plan to invest in GenAI, while 32% are already experimenting with its applications in marketing and communications. This technological drive mirrors the positive trends seen in the OCBC SME Index, which reported three consecutive quarters of SME growth, fueled by rebounding global electronics demand and strong consumer sectors.
2. Cloud computing
   Beyond AI, cloud computing is reshaping how SMEs scale and collaborate. Cloud technology allows organisations to transcend physical barriers and access computing resources on a scale.
3. Rising focus on cybersecurity and data recovery
   In today’s threat landscape, cybersecurity is no longer optional — it’s essential. According to Kaseya’s Backup and Recover 2025 report, 8% of businesses don’t back up their cloud data at all, assuming that cloud providers automatically protect their data. More than 50% of organisations are planning to switch their primary backup solution in 2025 due to dissatisfaction with cost, usability, and recovery speed. IT teams are also reportedly overwhelmed by backup management, with more than half of businesses spending 10+ hours per week on backup-related tasks instead of focusing on strategic initiatives. This reflects a growing sense of vulnerability among SMEs in the Asia Pacific region, where many organisations operate with lean IT teams and limited cybersecurity expertise.

How is the increasing sophistication of AI-powered cyber-attacks impacting the region’s cyberthreat and data protection landscape, and which industry sectors are most at risk of cyberattacks in 2025?

DG: The rise of AI-driven attacks, particularly through Ransomware-as-a-Service (RaaS), is significantly lowering the barrier to entry for cybercriminals. This enables the rapid deployment of large-scale, disruptive campaigns.  A 2024 Statista survey of CISOs highlights the severity of this threat, with 41% identifying ransomware as a top three cybersecurity concern. Even novice cybercriminals can now leverage open-source malware to execute highly sophisticated ransomware attacks.

Industries handling vast amounts of sensitive data—financial services, healthcare, manufacturing, telecom, and energy—are particularly vulnerable. Ongoing digitisation in these sectors creates an expansive attack surface for AI-powered threats. To counter this, we’ve seen a shift toward automated security. Tools like Kaseya 365 mitigate cyber risks like ransomware through real-time monitoring, patching, and rapid threat response. For many businesses, this automation approach not only counters complexity but also helps avert IT burnout in the face of ever-escalating attacks.

What are the key hurdles and challenges to tech adoption most often faced by SMEs that can impact their cyber risk posture? How does that impact the entire supply chain?

DG: A few critical barriers emerge for SMEs on their tech adoption journeys:

1. Budget and expertise: DBS highlighted that financial resources remain the top obstacle to adopting new technology solutions, and limited IT expertise compounds the problem, particularly for cybersecurity initiatives. Implementing and maintaining compliance-ready systems (with proper encryption, audit logs, retention policies, etc.) often requires specialised tools and talent, which resource-strapped SMEs may not have on hand.
2. Global talent shortage: With the World Economic Forum reporting a shortage of over 4 million cybersecurity professionals and 67% of organizations facing a moderate-to-critical skills gap, SMEs are left vulnerable. The gap in manpower makes it exceedingly difficult for these businesses to effectively manage escalating cyber threats.
3. Compliance Complexity: Smaller businesses face a significant challenge navigating the complex and evolving legal landscape, including increasingly stringent regulations in Asia Pacific such as Australia’s Privacy Act amendments and Indonesia’s data sovereignty regulations. Without dedicated compliance teams, SMEs can feel overwhelmed and delay tech adoption out of fear of missteps, which leaves gaps in cybersecurity coverage.