Small and medium businesses (SMBs) are among the many casualties of the pandemic. Aside from keeping their cash flow moving despite the multiple and recurring lockdown measures, this segment has also been a target of malicious criminals online.
Based on Kaspersky’s IT Security Economics 2020 survey, more than one-third (37%) of SMBs in
Southeast Asia (SEA) admitted facing targeted attacks. This is four notches higher compared with the
global average at 33%.
In this research, SMBs are defined as companies with 50 to 999 employees. Targeted attacks are some of the most dangerous risks to businesses’ systems. These are cyberattacks aimed at compromising a particular company or network.
Typically, a targeted attack has several stages. This type of sophisticated threat is extremely difficult to detect because of its targeted nature. “While many owners still think their humble businesses are far from cybercriminals’ radar, the insights from our survey disclosed a different picture.”
“Most malicious actors are opportunists in nature. Big enterprises are more likely to have cutting-edge security measures leaving SMBs easy targets or what we call “low hanging fruits”. When successful, these attacks can be costly.”
“On average, a successful attack against an SMB can cost 130K USD on average, which, considering the current situation, is a huge amount,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
The same study conducted last June with 5,266 IT business decision-makers from 31 countries revealed a loophole which calls for an urgent overhaul – more than half of SMBs in SEA (66%)admitted their lack of visibility of the infrastructure and their (64%) inability to detect serious threats among many alerts.
Aside from this, nearly seven in 10 (66%) of the respondents disclosed their lack of skilled technical staff
to detect and respond to complex incidents.
Almost two thirds (64%) also acknowledged their inability to properly respond and clean up after a sophisticated attack and some 58% cited that they yet to have sufficient insight and intelligence on the threats specifically faced by their businesses.
“It is clear that there are two areas this segment needs urgent help with — visibility against complex threats to identify even the most sophisticated attacks, and expertise to conduct investigation and intelligent incident response.”
“To help SMBs in SEA, we have created an easy-to-use, fully automated endpoint detection and response which can deliver an enterprise-grade protection for small and midrange businesses without burning a hole in their pockets,” adds Yeo.
Launched in 2020, Kaspersky EDR Optimum enables SMBs to implement the basic endpoint detection
and response (EDR) scenarios required for a wide range of companies, and it provides infrastructure
visibility as well as incident investigation and response capabilities.
It does not require a high level of user expertise, and because of its high level of automation, it requires much less attention and routine maintenance than you might expect from an EDR-class security solution. Those key elements allow small companies to begin building its defense against complex threats without spending significant resources and completely restructuring processes.