SMEs Lost P50 million in Cyberattacks Last Year, According to Report
More than half of local small and medium enterprises experienced cyber incidents in the last 12 months, costing them as much as P50 million, according to a study presented by tech giant Cisco.
In its report entitled Cybersecurity for SMBs: Asia Pacific Businesses Prepare for Digital Defense, Cisco said 57 percent of Philippine SMBs were attacked by cybercriminals over the past year.
Of that number, 28 percent reported that they lost $500,000 or about P25 million due to the cyberattacks, with certain companies reporting that they lost as much as $1 million or P50 million. Malware and phishing were two of the most common types of cyberattacks.
These attacks made SMEs more “apprehensive about cybersecurity risks,” with 89 percent believing that they are “exposed to cyber threats.”
Cyberattacks resulted in lost customer and employee data, as well as lost sensitive business information, internal emails, financial information, and even intellectual property.
Sixty-five percent of SMBs believe that these attacks also had a negative impact on their reputation.
“Over the past 18 months, SMBs have leveraged technology to continue to operate and serve their customers even as they tackled the implications of the pandemic,” Cisco Philippines OIC Managing Director Robin Llamas said. “This has seen an acceleration in digitalization of SMEs across Philippines. As SMEs become more digital, they also become a more attractive a target for malicious actors, not least because digitalized businesses have an expanded attach surface that hackers can target.
“In addition, digitalized SMBs generate more data, which the malicious actors put a high price on,” he added. “All of this is fueling a critical need for them to invest in solutions and capabilities to ensure they are safeguarding themselves on the cybersecurity front.”
But SMEs are also preparing for cyberattacks, with about 77 percent reporting that they “have completed scenario planning and/or simulations for potential cybersecurity incidents in the past 12 months.”