Cisco report on cyberattact threat among Vietnamese SMEs

According to the study, 59 per cent of SMEs in Vietnam suffered a cyber incident in the past year. As a result of these incidents, 86 per cent lost customer information to the hands of malicious actors.

This is making SMEs more apprehensive about cybersecurity risks, with 71 per cent saying they are more worried about cybersecurity now than they were 12 months ago, and 67 per cent saying they feel exposed to cyber threats.

However, SMEs in Vietnam are not giving up. In fact, the study highlights that they are taking strategic measures like carrying out simulation exercises to improve their cybersecurity posture.

SMEs in Vietnam are more worried about cybersecurity now than they were 12 months ago

Titled Cybersecurity for SMEs: Asia Pacific Businesses Prepare for Digital Defense, the study is based on an independent, double-blinded survey of over 3,700 business and IT leaders with cybersecurity responsibilities across 14 markets in the Asia-Pacific, including 152 respondents in Vietnam.

The survey highlighted that SMEs saw a myriad of ways in which attackers tried to infiltrate their systems. Malware attacks, which affected 89 per cent of SMEs in Vietnam, topped the charts, followed by phishing, with 69 per cent saying they experienced such attacks in the past year.

Two in five (39 per cent) SMEs in Vietnam that suffered a cyberattack highlighted cybersecurity solutions not being adequate to detect or prevent the attack as the number one reason for these incidents. Meanwhile, 32 per cent attributed not having cybersecurity solutions in place as the top factor.

These incidents are having a tangible impact on business. 30 per cent of SMEs in Vietnam that suffered cyber incidents in the past 12 months said these cost the business $500,000 or more, with 4 per cent saying that the cost was $1 million or more.

“SMEs in Vietnam have increased their pace of digitisation over the past 18 months. This is driven by their ability to leverage technology to continue to operate and serve their customers even as they tackled the implications of the pandemic,” said Luong Thi Le Thuy, managing director, Cisco Vietnam.“Their digitisation has in turn fueled a critical need for SMEs to invest in solutions and capabilities to ensure they are safeguarding themselves on the cybersecurity front. This is because the more digital they become, the more attractive a target they are for malicious actors.”

Managing director Luong Thi Le Thuy of Cisco Vietnam

Besides the loss of customer data, SMEs in Vietnam that suffered a cyber incident also lost employee data (67 per cent), internal emails (61 per cent), financial information (58 per cent), intellectual property (56 per cent), and sensitive business information (51 per cent). In addition, 61 per cent admitted it had a negative impact on their reputation.

The scale of the challenge is highlighted by the fact that only 8 per cent of respondents in Vietnam said they were able to detect a cyber incident within an hour. The number of those that were able to remediate a cyber incident within an hour is even lower at 3 per cent.

“We are living in a world where customers seek instant gratification. They no longer have the patience for lengthy downtimes. It is critical for SMEs to be able to detect, investigate, and block or remediate any cyber incident in the shortest time possible,” said Juan Huat Koo, Cybersecurity director, Cisco ASEAN. “To be able to do that, they need solutions that are easy to deploy and use, integrate well with each other, and help them automate capabilities like detection, blocking, and remediation of cyber incidents. In addition, they need clear visibility across their entire userbase and IT infrastructure including their cloud and ‘as a service’ deployments, and take a platform approach to cybersecurity.”

Cisco’s study found that while SMEs in Vietnam are more worried about cybersecurity risks and challenges, they are also taking a planned approach to understand and improve their cybersecurity posture through strategic initiatives. According to the study, 88 per cent of Vietnamese SMEs have completed scenario planning and/or simulations for potential cybersecurity incidents in the past 12 months, and the majority have cyber response (89 per cent) and recovery plans (88 per cent) in place.

The good news is there are generally strong levels of investment by SMEs in cybersecurity. Across the board, 87 per cent of Vietnamese SMEs have increased their investment in cybersecurity since the start of the pandemic, with 39 per cent increasing investment by more than 5 per cent. These investments are well distributed across areas such as cybersecurity solutions, compliance or monitoring, talent, training, and insurance, suggesting a strong understanding of the need for a multi-faceted and integrated approach to building a strong cyber posture.