Cyber attacks cost over Rs 3.5 crore for two in three Indian SMBs in the past year, says Cisco
SMALL AND MEDIUM-SIZE businesses (SMB) in India are exposed to, under attack, and more worried about cybersecurity threats than before. According to a new study by Cisco titled Cybersecurity for SMBs: Asia Pacific Businesses Prepare for Digital Defens, three in four (74%) SMBs in India suffered a cyber incident in the past year, resulting in 85% losing customer information to malicious actors, in addition to a tangible impact on business. More than half (62%) of SMBs in India that suffered cyber incidents in the past 12 months said that cyber-attacks cost their business more than Rs 3.5 crore. Of these, 13% say the cost was over Rs 7 crore.
The study is based on an independent, double-blinded survey of over 3,700 business and IT leaders with cybersecurity responsibilities across 14 markets across the Asia Pacific region. The survey highlighted that SMBs saw several ways in which attackers tried to infiltrate their systems. In India, malware attacks, which affected 92% of SMBs, topped the charts, followed by phishing (76%). Around 38% of those that suffered incidents said that the number one cause was not having cybersecurity solutions. Meanwhile, 36% ranked cybersecurity solutions not being adequate to detect or prevent the attack as the number one reason.
Besides the loss of customer data, SMBs that suffered a cyber incident also lost internal emails (73%), employee data (71%), intellectual property (74%), and financial information (75%). In addition, 73% of those said it disrupted their operations, 76% admitted it negatively impacted their reputation, and 70% said it resulted in a loss of customer trust.
However, SMBs are rising to the challenge. The study highlights that they are taking strategic measures like carrying out simulation exercises to improve their cybersecurity posture.
“As they digitise, SMBs are embracing the fact that any transformation, especially one that allows them to meet customers where they are and build trust, must begin with cybersecurity,” says Panish PK, managing director – Small Business, Cisco India & Saarc. “However, given that they typically operate with limited resources and smaller teams, simplicity is the key to successful security deployments. According to the study, most SMBs (97%) feel that they have too many technologies and struggle to integrate them.”
Cisco’s study found that while SMBs in India are more worried about cybersecurity risks and challenges, they are also taking a planned approach to understand and improve their cybersecurity posture through strategic initiatives. According to it, 89% of SMBs in India have completed scenario planning and/or simulations for potential cybersecurity incidents in the past 12 months. The majority have cyber response (91%) and recovery plans (92%) in place. SMBs are also increasingly aware of where their biggest cyber threats come from. Phishing (50% ranked it No. 1) is seen as the top threat by SMBs in India.