The state of SMB cybersecurity at a time of crisis

A report focused on SMB cybersecurity trends in APAC covering business readiness, vulnerabilities and priorities

Conducted in March 2020, during COVID-19 pandemic, this study surveyed more than 1,000 small and medium-sized businesses (SMBs) throughout Asia Pacific, investigates the state of cybersecurity in SMBs in the region, giving immediate first insights into how SMBs are responding during this unprecedented times.

In this study, we reveal how prepared - or unprepared - SMBs are in defending their businesses against cyberattacks, and what SMB’s priorities are when it comes to cybersecurity.

Download our report and explore more.

How can NextGens act as agents of change amid digital disruption?

“Are SMBs keeping up with cybersecurity trends and ready to defend themselves against cyberattacks?”

Felix Kan
Partner, Cybersecurity & Privacy Practice, Risk Assurance
Co-founder of PwC’s DarkLab
PwC Hong Kong

Duration: 00:01:55

Key findings

  • 73% of SMBs do not have dedicated cybersecurity team and only 53% of SMBs have antivirus solutions in place.
  • 90% of SMBs said they have been able to detect attacks within one working day; however industry studies indicate average dwell time in APAC is 54 days. This reveals a discrepancy between their confidence in their cybersecurity capabilities and their actual cyber-readiness.​

  • 57% of SMBs sustained cyberattacks during the last 24 months, with 76% of them suffering more than one attack.​
  • 70% of these attacks saw hackers, malware and other actors evading intrusion detection tools, and 65% bypassed antivirus solutions.​
  • Top-three cyberattack on SMBs are caused by viruses and malware (51%), web-based attacks (38%) and phishing attacks (32%), while the most vulnerable endpoints were desk/laptop computers (44%) and web servers (44%).​
  • More than 30% of SMBs suffered damage between US$50,000 and US$250,000, while 9% sustained damage of more than US$1 million.​

  • SMBs start to give growing importance in monitoring suspicious online activity and protecting data, especially on financial and customer data.
  • SMBs regard cybersecurity awareness and education among staff as high priority, and express a preference for tools that involve their employees in detecting threats and fending off attacks.
  • 89% of SMBs agree to have staffs involved immediately in order to raise alerts of suspicious online activity and help prevent further damage.

Download the report to find out more (English and Chinese)

Required fields are marked with an asterisk(*)

Subscription

Please read our Privacy Statement.
   

By submitting this form, you confirm you have read our Privacy Statement and explicitly consent to the processing of personal information as set out in the Privacy Statement (including international transfers). PwC may rely on other legal grounds of processing to the extent permitted under applicable law.

Related content

Contact us

Kenneth Wong

Kenneth Wong

Partner, PwC Hong Kong

Tel: +[852] 2289 2719

Linkedin Follow Email
Felix Kan

Felix Kan

Partner, PwC Hong Kong

Tel: +[852] 2289 1970

Linkedin Follow Email
Patrick Tang

Patrick Tang

Senior Manager, PwC Hong Kong

Email
Follow us
Industries
Asset and wealth management Automotive Banking and capital markets Consumer markets Financial services
Insurance Life sciences and healthcare Private equity Technology, media and telecommunications
Services Audit and assurance Consulting Deals New ventures Risk assurance Tax
Issue-based services COVID-19: Responding to the economic and business impacts Belt and road Cyber Entrepreneurial and private business Greater Bay Area Outbound investment New world. New skills.
About us
Careers
Research and insights
E-newsletter
Events
Digital Store
Press room
PwC's Academy
Blog
Contact us

© 2001 - Fri Nov 27 16:10:14 UTC 2020 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details