SINGAPORE: Small and medium-sized enterprises (SMEs) in Singapore are exhibiting a troubling decline in cybersecurity awareness, with a growing number operating without any protection against cyber threats, according to the latest QBE SME Survey for Singapore.

The survey revealed that only 47% of SMEs in Singapore were fully informed about potential cybersecurity risks this year, a significant drop from the 57% recorded in the previous year.

Alarmingly, 19% of SMEs indicated they had no protection against cybersecurity risks, more than double the 9% from last year.

The report also outlined the top cybersecurity risks as perceived by SMEs. Malware led the list, followed by data breaches, with phishing and smishing rounding out the top three threats.

Interestingly, the survey noted a decrease in the number of SMEs affected by cyber incidents, with 25% reporting cyber events this year compared to 38% last year. This downward trend in reported incidents might be contributing to the decline in cybersecurity awareness among smaller businesses, according to QBE.

“This number shows how vulnerable SMEs may be to cyber risks, and underscores the need for companies to educate, upskill, and protect themselves in this area,” said Shun Quan Goh, underwriting head of retail SME at QBE Singapore. “Businesses cannot afford to be complacent about cybersecurity. It really is a matter of when, not if, a cyber breach happens.”

The QBE survey also examined how SMEs are protecting themselves against cyber threats. The most common form of protection was software solutions, with 59% of businesses using them. Other protective measures included staff training (46%), dedicated cybersecurity staff (44%), and internal policies for handling potential risks (43%).

Despite the risks, only 38% of SMEs reported having cybersecurity insurance. However, more than half (55%) expressed interest in purchasing cyber insurance this year, indicating a growing awareness of the need for risk mitigation in this area.

The findings were based on responses from 605 SME business leaders in Singapore, surveyed between December 2023 and January 2024.

The report highlights the critical need for SMEs in Singapore to take proactive measures to safeguard their digital assets and infrastructure. As cyber threats continue to evolve, businesses are urged to prioritize cybersecurity awareness and implement comprehensive security strategies to minimize potential risks.