Malaysian SMEs Customer Records are the Most Commonly Breached Data

A survey by Chubb of Small and Medium Enterprises (SMEs) in Malaysia has revealed a significant perception gap between the threat of cyber risks and how prepared SMEs are to deal with them. The Chubb SME Cyber Preparedness Report 2019– ‘Ignorance is Risk’ – releasedtoday, reveals that 84% of the respondents in Malaysia were victims of cyber incidents in the past year. At the same time, 67% of SMEs incorrectly believe that large corporations are more at risk than SMEs.

“This is a worrying misconception,” according to Mr Andrew Taylor, Cyber Underwriting Manager, Chubb Asia Pacific. “Particularly with the recent implementation of the National Cyber Crisis Management Plan by Malaysia’s National Cyber Security Agency to combat cyber threats.

“Complacency leaves the door wide open for malicious attacks, future breaches and inadequate incident response,” says Mr Taylor. “In fact, smaller companies face a larger degree of exposure to cyber risk owing to their size and resources, as well as the lack of capital to invest in cyber risk management tools.

With nearly half (48%) of cyber incidents resulting from human and administrative error, it is unsurprising that more than one third (37%) of SME leaders in Malaysia say their employees’ poor understanding of potential cyber threats is challenging their ability to protect their business. Critically, 20% of SMEs believe employees are the weakest link in their cyber defence.

While leaders recognise the importance of cyber training, 41% believe that employees are neglecting their responsibilities around data protection. In the event of a major cyber incident, businesses indicated that customers (60%) followed by company profits and reputation (58%) would be most affected.

Among Malaysian SMEs, customer records are the most commonly breached data – with 40% of businesses facing a breach of customer files in the past 12 months, followed by R&D data, IP data and financial performance data, all at 31%.