Cybersecurity for small-and-medium enterprises in Asia Pacific

By Ricky Kapur, Vice President of Sales, Marketing and Operations, Microsoft Asia Pacific.

Ricky KapurThe past few months have brought unprecedented change to people and organizations around the world. Retail moved almost exclusively to e-commerce platforms and businesses had to rapidly pivot their operations online and in the cloud. As our CEO Satya Nadella puts it, in 2020, we’ve seen two years’ worth of digital transformation in two months – a truly phenomenal pace.

The immediacy and scale at which we had to adapt brought new security challenges. Our recently launched Digital Defense Report revealed that attackers have taken advantage of these challenging times to capitalize on opportunities every day, with every country in the world having at least one COVID-19-themed attack. Attackers have also exploited gaps in traditional security policies, which didn’t cater to an all remote workforce – we’ve seen entire networks ransomed in under 45 minutes, and an increased number of distributed denial of service (DDoS) attacks.


As digital transformation continues apace across all sectors, every business regardless of size is at risk of a cyberattack. This Cybersecurity Awareness Month, we must build safeguards and be prepared to combat lurking cyber threats.

And small-and-medium enterprises (SMEs) are often more vulnerable.

Many small businesses don’t think about cybersecurity until after a security breach. Not having cybersecurity can cost your business money, time, and result in lost sensitive information.  Based on industry conversations, we learn that a large percentage do not know how to protect their companies, lack dedicated IT staff and have inadequate computer and network security.

Failing to invest in cybersecurity actually costs more in the aftermath of a cyberattack, in terms of money, time and loss of sensitive information. In the past year, SMEs were the target of 43% of cyberattacks, and on average, the cost of each attack was $184,000, with a report suggesting that 60% of small businesses fold within six months of a cyberattack.

These statistics are concerning for the Asia Pacific region, where SMEs comprise more than