Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
AI agent executes end-to-end ransomware attack via development platfor...
ICAC Commissioner attends first IAACA European regional anti-corruptio...
Research: Asian enterprises advancing AI without resilience strategies...
Penta Security Sets the Benchmark for Web Application Security, Earnin...
India bank domain registry exposed sensitive data in security lapse: e...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      S E Asia governments targeted by cyber-espionage group

      S E Asia governments targeted by cyber-espionage group

      Tuesday, June 23, 2026, 8:00 AM Asia/Singapore | Features
    • Featured

      Rethinking network and infrastructure design for resilience

      Rethinking network and infrastructure design for resilience

      Thursday, June 18, 2026, 2:17 PM Asia/Singapore | Features
    • Featured

      Bringing cybercriminals to justice in APAC

      Bringing cybercriminals to justice in APAC

      Thursday, June 11, 2026, 10:30 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • AWARDS 2026
  • Directory
  • E-Learning

Select Page

News

Survey of SMEs reveals most feel ready for cyber incidents, but few meet advanced security standards

By CybersecAsia editors | Thursday, July 17, 2025, 2:41 PM Asia/Singapore

Survey of SMEs reveals most feel ready for cyber incidents, but few meet advanced security standards

Responses showed many organizations increased security budgets but still report training gaps, unbalanced allocations, and challenges with adopting AI practices.

Based on responses from 445 professionals and executives in IT, security, and management roles at small and medium-sized enterprises (SMEs) across Canada, the US, Europe, and other regions, findings from a February to April 2025 survey on IT security readiness were shared with the media.

The survey was focused on respondents’ perceptions and reported practices regarding cybersecurity posture, including access management, AI use, internal threat mitigation, and organizational training.

First, 71% of respondents indicated a confidence in their ability to handle major cybersecurity incidents, stating they felt prepared. Subsequently in the same survey, when this group was asked whether their organizations had implemented a cybersecurity posture rated as advanced enough to withstand attacks, 22% had affirmed this. This gap persisted across industries in the data, and was more pronounced among respondents further removed from day-to-day IT operations, such as executives, compared to IT staff who reported lower confidence and readiness.

Second, 52% of respondents had indicated that their organizations were still using manual processes such as documents or spreadsheets, a 7% increase over a similar survey conducted in the previous year.

Other findings

Third, interest in AI as a cybersecurity measure was notable. While 71% of respondents had indicated plans to implement it as a tool for threat detection and behavior analysis, 40% reported that they had not yet incorporated any AI technologies into their cybersecurity practices. Also:

  • The proportion of respondents that believed AI would play a critical role over the next five years reached 62%. Barriers to adoption cited in the responses included costs, lack of expertise, confidentiality concerns, and apprehension regarding reliance on AI.
  • 63% of respondents indicated that their organizations had increased their cybersecurity budgets for FY 2025, but 55% reported that these increased funds were not optimally balanced across different needs.
  • 29% of respondents indicated that their organizations had allocated less than 5% of their total budget to cybersecurity, and 25% did not know their respective organization’s allocation percentage.
  • 78% of respondents indicated concern about insider risks such as data theft and sabotage. Of this group, 20% indicated that their organizations had active plans in place to counter such threats. Additionally, 28% of respondents indicated that their organizations did not have a plan for confronting internal threats, or did not consider it a priority.
  • 39% of respondents reported that their organizations provided ongoing training, and 32% reported that awareness training was required of staff; 17% indicated that there were no programs in place to support best practices or promote a cybersecurity-aware workplace culture.
  • 43% of respondents indicated that their organizations experienced at least one cyberattack in the past year, and 31% reported incident detection within the first few minutes.

According to David Hervieux, President and founder, Devolutions, the firm that commissioned the survey, “the perception of security and the true level of security may sometimes be very different” among respondents in SMEs, and gaps can exist between the impression of having a strong posture and the reality of the situation.

Share:

PreviousMalicious extension in open code marketplace causes US$500k cryptocurrency theft from developer
NextSophisticated web skimming campaign exploits OpenCart sites with covert fake payment forms

Related Posts

Anatomy of a multiple-gang attack

Anatomy of a multiple-gang attack

Wednesday, August 10, 2022

New APAC coalition forms to promote public-private tech resilience against cybercrime

New APAC coalition forms to promote public-private tech resilience against cybercrime

Wednesday, June 2, 2021

When deepfakes get too perfect, look for context

When deepfakes get too perfect, look for context

Wednesday, June 5, 2024

Why embed phishing links in emails when malicious HTML attachments will do?

Why embed phishing links in emails when malicious HTML attachments will do?

Tuesday, July 5, 2022

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Cyber threats have become more frequent and sophisticated, targeting organizations of all sizes across all …Download Whitepaper
  • Zero Trust Made Simple: Why it matters and how to get started

    Zero Trust Made Simple: Why it matters and how to get started

    Data breaches and cyberattacks are no longer limited to large, high-profile organizations.Download Whitepaper
  • Cloud Secure Edge: Remote access, better security

    Cloud Secure Edge: Remote access, better security

    ​SonicWall Cloud Secure Edge™ is a modern, cloud-native Security Service Edge (SSE) solution that addresses …Download Whitepaper
  • Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • How a Vietnamese D2C retailer built its own secure digital infrastructure

    How a Vietnamese D2C retailer built its own secure digital infrastructure

    Would your organization build your own digital infrastructure – including AI governance and cybersecurity – …Read more
  • Cyber protection for medical clinics in Singapore

    Cyber protection for medical clinics in Singapore

    As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
  • India’s WazirX strengthens governance and digital asset security

    India’s WazirX strengthens governance and digital asset security

    Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
  • Bangladesh LGED modernizes communication while addressing data security concerns

    Bangladesh LGED modernizes communication while addressing data security concerns

    To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more

Bottom sidebar

Other News

  • ICAC Commissioner attends first IAACA European regional anti-corruption conference in Hungary

    Friday, July 3, 2026
    BUDAPEST, Hungary, July 2, 2026 …Read More »
  • Penta Security Sets the Benchmark for Web Application Security, Earning Frost & Sullivan’s 2026 South Korea Company of the Year Recognition

    Thursday, July 2, 2026
    By combining intelligent threat detection, …Read More »
  • SK shieldus Receives Frost & Sullivan’s 2026 APAC Customer Value Leadership Recognition for Excellence in Cybersecurity Services

    Monday, June 29, 2026
    The company is recognized for …Read More »
  • Global Tech Shift: Tune Talk Launches World’s First Network-Enforced Child Safety Mobile Plan, Bypassing App-Level Limitations

    Saturday, June 27, 2026
    PETALING JAYA, Malaysia, June 26, …Read More »
  • DJI Enterprise Advances Industry with New Framework for Dock as First Responder (DFR) Deployments

    Thursday, June 25, 2026
    New White Paper Outlines Best …Read More »
  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2026 CybersecAsia All Rights Reserved.