close
close

ESET Reveals Alarming Trend: 96% of Indian SMBs May Consider Paying Cybercriminals – CRN

Posted on by angelo
ESET Reveals Alarming Trend: 96% of Indian SMBs May Consider Paying Cybercriminals – CRN

ESET Reveals Alarming Trend: 96% of Indian SMBs May Consider Paying Cybercriminals – CRN

ESET, the world’s leading digital security company, has released its latest study on small and medium-sized businesses (SMBs) in the Asia Pacific (APAC) region. The ESET SMB Cybersecurity Report, which surveyed over 1,400 IT professionals, revealed that despite organizations’ widespread trust in cybersecurity, 73% of SMBs in the APAC region have been the target of breach attempts or cybersecurity incidents in the past 12 months. The figure is even higher for India, with 88% reporting having experienced cybersecurity incidents in the past 12 months. 93% also agree that businesses of their size are more vulnerable to cyberattacks than larger enterprises.

Ransomware, web-based attacks and phishing emails have emerged as the top concerns among Indian SMBs. 79% of them are concerned about the ransomware threat and alarmingly, 96% would consider paying in case of a ransomware attack.

Parvinder Walia, President of Asia Pacific and Japan at ESEThighlighted the findings of the ESET SMB Cybersecurity report: “Our report reveals that while SMBs are confident in their security measures and IT expertise, the majority have still faced cybersecurity incidents in the past year. They feel more vulnerable than larger enterprises, which underlines the absolute need for SMBs to strengthen their security posture. It is essential that SMBs understand that paying cybercriminals only perpetuates cybercrime. Instead, they should focus on implementing proactive measures to prevent cyberattacks.”

Key Factors Contributing to the Success of Cyber ​​Attacks
Indian SMEs identify several key factors leading to cyberattacks: 53% cite critical or high-level vulnerabilities, 49% cite inadequate security measures, and 48% highlight the heavy use of cloud applications and services. Additionally, 50% perceive nation-state attacks as a major cybersecurity risk in the next 12 months.

Trust alone is not enough to combat cyber threats
India and New Zealand experienced the highest number of breaches or security incidents, despite expressing the highest levels of confidence in their security systems. 65% of respondents in India and 64% in New Zealand are very confident in their overall cyber resilience, and 88% of SMEs in these two countries have experienced a breach or security incident in the last 12 months.

Cybersecurity Challenges Faced by Indian SMEs
ESET’s study also found that despite high confidence in their security systems, 43% of businesses consider the lack of a dedicated cybersecurity team as one of the top three cybersecurity challenges. 36% said alert fatigue was the biggest challenge, the highest among the countries surveyed.

Strengthening defenses after an attack
Following a breach or strong indication of a data security incident, SMEs have implemented various strategies to strengthen their cybersecurity. These measures include conducting comprehensive cybersecurity risk audits, enhancing cybersecurity training, deploying new cybersecurity tools, and providing internal protection tips and tricks. Indian and Malaysian companies are primarily devoting resources to acquiring new cybersecurity tools, at 57% and 58%, respectively.

Armed with potential guarantees for next year
The ESET SMB Cybersecurity Report revealed the following strategies that surveyed Indian SMBs plan to employ over the next 12 months to strengthen their cybersecurity defenses and resilience:

Increased investment in cybersecurity
63% of companies expect to increase cybersecurity spending over the next 12 months, with 48% expecting an increase of more than 80%. In contrast, companies in Japan, Singapore and South Korea are more conservative, showing less willingness to increase their cybersecurity spending.

Range of solutions envisaged for the coming year
Indian SMBs are planning significant cybersecurity improvements in the next 12 months, with 38% planning to deploy endpoint detection and response (EDR), extended detection and response (XDR), or managed detection and response (MDR) solutions. Additionally, 33% plan to integrate cloud-based sandboxing, 36% will implement full disk encryption, and 40% will focus on vulnerability and patch management.

Currently, 69% of SMBs use cloud-based cybersecurity management. Key factors influencing the choice between cloud and on-premise solutions include data security and internet connection speed.

Potential outsourcing to third parties

27% of SMBs currently outsource some of their cybersecurity responsibilities to a third-party service provider, while 22% manage cybersecurity in-house and have no plans to outsource. Looking ahead, 27% of SMBs plan to outsource some or all aspects of cybersecurity in the next 12 months.

The ESET SMB Cybersecurity Report was conducted in the second half of 2023 in partnership with market research firm Blackbox, which aims to increase understanding of cybersecurity attitudes and the state of cybersecurity practices among SMBs in the region.