Factors such as cyber workforce shortages, cyber complacency among SME leaders, and employee cyber awareness levels were discussed

It has often been claimed that owners of small- to medium-sized enterprises (SMEs) are only focused on business needs and pay less attention to digital risks and want to invest in the cybersecurity resources available for them.

At a recent cybersecurity conference in Singapore organized by AiSP, a member of the country’s parliament, Yeo Wan Ling, reiterated that SMEs must not only be concerned about day-to-day cybersecurity, but they should plan to defend their organization for the longer term.

Alluding to the cybersecurity talent shortage that impacts cybersecurity vigilance, Yeo said: “New entrants in the industry do not just expect a good salary; they also look how your organization will help them in their career.” Expressing happiness over the large participation of women in Singapore’s cybersecurity industry, Yeo said that more women who are capable of working in this field should try returning to the workforce.

Meanwhile, according to another panelist, Gregor Vand, CTO, Blackpanda: “Most SME leaders think attacks will never happen to them. However, cyberattacks have been increasing and are likely to continue increasing. One has to remember that cybersecurity is a human problem and most issues are happening because of a human behind them.” With that, panelist Garion Kong, Executive Committee President of (ISC)2 [Singapore Chapter] stressed the importance of cyber education for employees: “SMEs should create awareness among the employees. Issues in cybersecurity can be addressed only through good conversations.”

Finally, panelist Michael Lew, Managing Director, Ankura and Chair, Cyber Risk Sub-Comm, Singapore Fintech Association, discussed the future of SMEs. “I am bullish on the way the fintech sector is growing (in Singapore). Fintech today means a lot more than just crypto,” he said, recalling how difficult it was for small traders to receive a payment from bank just a few years ago.

Low recommended a mantra for SMEs to adopt proper cybersecurity postures with: “Adhere to the simple steps of Automate, Optimize and Outsource. Automating the mundane tasks; Optimize the best resources you have; and Outsource to trustworthy partners to maintain cyber hygiene in an organization.”