The smaller firms that insist on the old ways of business in this pandemic era are at risk of obsolescence …

The pandemic has accelerated small- and medium- sized enterprises’ (SMEs) realization that they need to digitalize while also protecting themselves from cyberattacks.

Today, digitization is no longer just a benefit: it is more of a necessity for business operations today. Technology is what helped to bridge the gap when the world came to a standstill due to the pandemic. Businesses have had no choice but to adopt and implement digitization if they want their businesses to survive.

Despite the expense involved, digitization solutions can be customized to their business needs and might not be as expensive as they presume. To delve into out how SMEs can compete even with multinational companies (MNCs) when they avail of the benefits of digitization, and how they become vulnerable instead to cyberattacks without it, CybersecAsia had a discussion with Peter Gatt, partner and lead of Servian (South-east Asia) an established IT consultancy in Australia.

Peter Gatt, Partner and Lead, SEA, Servian

CybersecAsia (CA)We know that SMEs have to adopt technology in order to not be left behind, but are cybercriminals not more likely to go after MNCs in Asia?

Peter Gatt (PG): There are numerous surveys and reports that showcase how vulnerable SMEs are to cyberattacks. A recent survey cited that over half of SMEs in Singapore had experienced a cyberattack in the last year. This goes to show that cybercriminals are not only focused on MNCs: SMEs are also at risk in an increasingly hostile cyber environment.

Based on my observations, SMEs are prone to cyberattacks for a few reasons. Firstly, their typical mindset is “it will not happen to us”. As a result, when they embark on digital initiatives, cybersecurity is not a top of-the-mind issue—budgetary constraints will force them to focus on innovation rather than protection. Secondly, SMEs fail to realize that size does not matter to cybercriminals. They want to get their hands on as much data as they can and maximize the profits: the wider their reach, the higher their chances of success.

Thirdly, SMEs often overlook the fact that they also have valuable data and business relationships with their customers (which can include MNCs as well). For example, the operations of even a small fintech company may involve the collection of sensitive personal information and feature high-value financial transactions. Or, an SME in the recruitment industry will deal with confidential information such as salary expectations, bank account numbers and personal data of candidates or companies.

Cybercriminals know that many SMEs have business relationships with larger organizations, and they can be seen as the ‘weakest link’ as a gateway to the data of the bigger organizations they are dealing with.

It is vital, therefore, for SMEs to have the right setup to handle cybercrime and threats, and, contrary to popular belief, it does not have to be time-consuming or costly to put up security nets. Economical security approaches are available.

CA: With the right technology and expertise, can SMEs bounce back from huge financial losses? Are there concrete examples of these in South-east Asia?

PG: Yes, it is fair to say that with the right technology and expertise SMEs can bounce back from huge financial losses or even the risk of closing down completely. It is more a case of putting themselves in grave danger if they fail to understand the significance of data and digitalization. The latter can help SMEs create a better platform for employees to collaborate on. Employees could have fewer manual processes to take care of, allowing them to concentrate more on business development. This would also result in better productivity and efficiency.

Digitalization can provide a whole new array of platforms to enable SMEs to showcase their products and services. Companies can also create new revenue streams by improving their products and service base.

CA: Can digitalization, complemented by cybersecurity measures, actually enable SMEs to compete with MNCs in the global market? Can you provide examples?

PG: Digitalization, complemented by cybersecurity measures, can definitely enable SMEs to compete with MNCs in the global market. Especially in the US markets, in fact even in China: because if you are security conscious and know how to meet compliance requirements, there are certain services you can adapt and run in a different region. Similarly, cloud technology has also helped level the playing field for SMEs as they are able to utilize available technology to help them in their digitalization process.

In conclusion, Gatt said: “Definitely, more and more SMEs are digitally transforming while also protecting themselves from cyberattacks. We are seeing more SMEs moving to a virtual service in terms of cybersecurity solutions as opposed to trying to implement a full-fledged security programto run their operations. I think it has been a challenging journey for SMEs and more needs to be done to ensure they have the right tools to support them to protect their assets and data from cyberattacks.”

CybersecAsia thanks Peter for his useful insights.