How to protect your business from cyberattacks
Small and medium-sized enterprises (SMEs) in Singapore have faced many challenges stemming from COVID-19. The pandemic has impacted people’s health, reduced economic activity – in some sectors, to almost zero – and provided a smokescreen to conceal some types of criminal activity, especially online. This uptick in cyberattacks coincides with a new urgency to digitalise. With many customers confined to their homes and social-distancing measures prohibiting crowded dining areas, a surge in restaurants and hawkers have joined food-delivery platforms1. Likewise, there was a rapid increase in online sales of groceries2 and other types of e-commerce.
To help businesses with their digitalisation efforts, the Singapore government has created a number of programmes, including the IMDA’s “Stay Healthy, Go Digital” campaign – which encourages digitalisation during the pandemic – and the extension of the Productivity Solutions Grant under the “SMEs Go Digital” programme until March 2022.
Cyberattacks are a common business issue
According to the Cyber Security Agency of Singapore (CSA), a total of 9,430 cybercrime cases were reported in 2019, representing more than a quarter of all crime in Singapore3. This was further amplified by the pandemic - criminal online activity increased4, with 93% of Singaporean organisations seeing an increase in cyberattacks5. Small businesses are especially vulnerable: according to the CSA, almost 40% of cyberattacks target SMEs6.
In order to reduce their risk, cybersecurity is an area where companies need to be proactive. However, it is one of the tallest hurdles for SMEs to overcome in their race to adopt digital technologies7. According to our SME Outlook Study 2021, cybersecurity is the second biggest worry that companies have about digital transformation, second only to the cost of implementation.
While SMEs need to digitalise in order to keep up with their customers’ expectations and reap the benefits of improved efficiency, they need to do it securely. This means thinking about cybersecurity from the outset.
Develop a cybersecurity strategy
A good starting point is to identify the critical assets – those that are proposed as well as those that already exist. If a business is engaged in e-commerce, its website and inventory system are both critical, as the company cannot trade without them. Critical assets could also include human resource information and intellectual property.
The next step should be to identify the possible threats to each of these critical assets. A good starting point would be understanding common attacks and attack patterns. Attacks could come from unknown websites, unmonitored digital assets, malware, ransomware, phishing, and more. When making a strategy to protect essential assets, it’s important to remember that all the devices and networks that interact with the systems are as crucial as the software itself.
Once the assets and threats are identified, companies should devise a cybersecurity plan that covers planned and deployed security measures – including controls, training and defences – and the response process in the event of an incident.
Your employees should be an important part of your cybersecurity defences. It is helpful to give training and regular reminders of good practices – for example, showing how to recognise phishing emails, or stressing the importance of not sharing passwords – as well as demonstrating the steps to be taken in the event of a cyberattack.
Technical measures that may be deployed include the use of security software on all devices used to access company systems; commercial-grade email protection to block phishing or otherwise fraudulent messages; and two-factor authentication to avoid reliance on passwords.
Pick reliable partners and invest in insurance to mitigate cyber risk
Rather than over-complicating your cybersecurity strategy, choose market-tested solutions from reliable partners as they will simplify the process.
For example, tap the government’s Start Digital Pack to make the most of digital technologies while emphasising cybersecurity. It includes products for accounting, human resources, digital transactions, digital marketing and cybersecurity. Sign up for 6 months of no-cost access to any two of the available solutions.
If a security breach does occur despite a firm’s best efforts, insurance can provide the buffer that allows the SME to survive the incident. UOB BizCare insurance package provides 9 types of cover*, including cover for the interruption of computer systems which has been caused directly by a failure of computer security to prevent a security breach.
Find out how you can accelerate your digitalisation journey while helping to keep your business secure with UOB BizCare.
*Please refer to the applicable policy contract for the full details of the terms, conditions and exclusions of this insurance product.
IMPORTANT NOTICE AND DISCLAIMER
The above is provided for general information only and is not a contract of insurance. Full details of the terms, conditions and exclusions of this insurance are provided in the policy contract and will be sent to you upon acceptance of your application by United Overseas Insurance Limited (“UOI”). You may wish to seek advice from a qualified adviser before making a commitment to purchase the product. In the event that you choose not to seek advice from a qualified adviser, you should consider carefully whether this product is suitable for you. United Overseas Bank Limited (“UOB”) does not hold itself out to be an insurer, insurance broker or insurance agent. The insurance products and services stated herein are provided by UOI. This advertisement has not been reviewed by the Monetary Authority of Singapore.
BizCare may only be purchased by selected customers of the Business Banking segment of UOB.
While all information provided herein is believed to be correct and reliable at the time of publishing or posting online or, where applicable, printing, UOB and UOI make no representation or warranty whether express or implied, and accept no responsibility or liability for its completeness and accuracy.
Policy Owners' Protection Scheme
This policy is protected under the Policy Owners' Protection Scheme which is administered by the Singapore Deposit Insurance Corporation (SDIC). Coverage for the policy is automatic and no further action is required from you. For more information on the types of benefits that are covered under the scheme as well as the limits of coverage, where applicable, please contact your insurer or visit the Life Insurance Association (LIA) or SDIC websites
United Overseas Bank Limited Co. Reg. No. 193500026Z
United Overseas Insurance Limited Co. Reg. No. 197100152R
7UOB SME Outlook Study 2020