Why SMEs need to prioritise cybersecurity

Late last year, hackers used a malicious code to overlay a fake form over the website of a popular local fashion retailer and collected customers' personal identifiable information such as names, addresses and credit card numbers.

The data breach was just one of 9,430 cybercrime cases - or 26 cases daily - reported last year, according to the Cyber Security Agency of Singapore (CSA). The number looks set to increase this year as enterprises pivot online and send staff to work from home to curb the spread of Covid-19.

With the digital transformation of everyday life in recent months, small and medium-sized enterprises (SMEs) - as well as individuals - are now more susceptible to cybercrimes like phishing attacks and malware. More than ever, enterprises must protect their systems, as well as their organisations' and customers' data to ensure that their operations will not be compromised by a cyber attack.

"Globally more companies that deploy technology are recognising that they have a 'cyber duty of care' to their consumers," said Deputy Prime Minister Heng Swee Keat at the opening of Singapore International Cyber Week (SICW) 2020 on Oct 6.

While many SMEs have joined the SMEs Go Digital programme since it was launched in 2017, DPM Heng urged more to do so. Apart from offering basic cybersecurity solutions, the programme also helps SMEs adopt digital technologies and build stronger digital capabilities to seize growth opportunities in the digital economy.

Under the SMEs Go Digital programme, SMEs can receive funding support under the Productivity Solutions Grant (PSG) to cover part of the cost of pre-approved cybersecurity products and services.

BT in your inbox

Start and end each day with the latest news stories and analyses delivered straight to your inbox.

Sign Up

Sign Up

"Cyber risk is inevitable as we increase our digital footprint. But that should not stymie our efforts in the digital economy space. It means that it is a risk that we need to understand, manage and work to address," said Minister for Communications and Information S Iswaran, who is also Minister-in-charge of Cybersecurity, at a press conference to wrap up SICW 2020 on Oct 9.

Beefing up cybersecurity capabilities of SMEs

Under the Safer Cyberspace Masterplan 2020 - a new national blueprint to create a safer cyberspace in Singapore - SMEs will be able to tap on free cyber health screenings to spot weaknesses in their Web domain, e-mail system and connectivity. The one-stop portal, known as the Internet Cyber Hygiene Portal, will be housed at CSA's webpage. Self-help guides and toolkits will also be available for download. Moreover, the agency is working with local partners on a Security-as-a-Service (SaaS) initiative to simplify cybersecurity for SMEs, which often do not have the manpower, budget or technical know-how to combat cyber threats. The SaaS initiative is an integrated and automated solution that will defend against threats including malware sent via phishing emails, ransomware, hijacked privileged administrator accounts and insider threats, among others-simplifying cybersecurity for users and protecting them from the myriad of evolving cyber threats.

"The SaaS initiative can help SMEs to tackle these obstacles," said Ms Tammie Tham, Honorary Secretary of SGTech. She added that the "plug and play" solution would be easy to manage because of automation and affordable due to grant funding schemes.

Another significant development that will strengthen cybersecurity is the launch of the Cybersecurity Labelling Scheme, the first of its kind in Asia-Pacific.

The Scheme is a new voluntary labelling scheme that establishes different cybersecurity rating levels for consumer smart devices, starting with Wi-Fi routers and smart home hubs.

Mr Ronnie Lee, general manager of Lenovo Singapore, saw the scheme as a positive step in providing common standards for all manufacturers.

"Providing users with protection against malicious attacks is not only critical in today's highly connected world but it also goes a long way to build user trust in the brand, which in turn could translate to even more business," he said.

Mr Iswaran said that while the Government could put in place initiatives to protect cyberspace, the government cannot do this alone.

He added: "Everyone has a part to play in creating a safer and more secure cyberspace-whether it is the individual who adopts good cyber hygiene, or a company who makes the effort to better secure their assets and data in cyberspace. In an increasingly interconnected world, a strong and proactive cybersecurity approach is an essential investment that will allow us to reap the dividends of the digital economy."