11 November 2020 – Just when the small and medium enterprises (SMEs) in Malaysia prepared to see their businesses pick up after seeing positive development after the Recovery Movement Control Order (RMCO) announcement, Kuala Lumpur, Selangor, Labuan, Sabah and Putrajaya are currently facing another risk of business slow down with the announcement of Conditional Movement Control Order (CMCO) in October with the probability of further extension.
Malaysia’s SMEs Gross Domestic Product (GDP) experienced growth at 5.8% in 2019 and employed 7.3 million individuals . SMEs continue to play a significant role in the country’s growth as it makes up 98.5% of total registered businesses. Bank Islam Malaysia shared recently that the current economic environment and the rising unemployment rate may hinder Malaysia’s economy from growing at a positive rate. In addition, the growth of the SME segment is expected to decline by 1% this year .
According to Malaysian Employers Federation, 2020 has been very hard on employers especially in terms of managing cash flow with generally reduced revenue but having to pay salaries, operational expenses as well as taxes . The group said that employers would need to facilitate a conducive working environment for their employees who are working from home. Moreover, providing tools and guidance to safeguard confidential data from potential hacking as working from home equates to a lowered security level.
In the first half of this year, Kaspersky reported cryptomining attempts logged the highest for SMEs in Southeast Asia (SEA) at 1,726,799. According to Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky, these threats are silent, hidden inside devices and networks, slowly consuming the bandwidth, electricity, and damaging the hardware, costing the SMEs dearly in the SEA region, when the SMEs experiencing tight cash flow at the moment.
The global cybersecurity company also revealed that there were 1,602,523 phishing attempts and 504,304 ransomware detections targeted against SMEs in the region from January to June 2020.
“The Malaysia Cyber Security Strategy 2020-2024 announced recently, putting forward national cybersecurity preparedness of the country, is timely and necessary. Cybersecurity has gone beyond protecting endpoint devices, it is now about developing an ecosystem where everything connected is protected, especially at this period when the country is ready to embrace technologies such as 5G and Industry 4.0. We see these strategies will encourage more businesses like SMEs to protect their digital assets, which also means securing their business continuity,” adds Yeo.
Datin Lorela Chia, Chairman, Central Region at Small and Medium Enterprises Association Malaysia (SAMENTA) says, “Our members are paying more attention to digitalizing their businesses with more emphasis on technology adoption. Even with the CMCO 2.0 taking place at the moment, some of our members are taking the opportunities to test whether their businesses could run digitally as a whole. These involve processes such as finance, sales and purchases. For our members who are embarking on the digital journey, we encourage them to apply for the grant provided by Ministry of Finance, Bank Simpanan Nasional, SME Bank and Malaysia Digital Economy Corporation (MDEC). These grants would ease their cash flow by a bit.”
Understanding the importance of cybersecurity for SMEs, more so in the stage of preserving cashflow, Kaspersky recently introduced its new solution for SMEs in the region, Kaspersky Endpoint Detection and Response Optimum (KEDRO).
“KEDRO goes beyond endpoint protection. It delivers full visibility and empowers SMEs’ limited IT staff to conduct a root-cause investigation and to quickly and intelligently respond against complex and costly threats. We have made this solution as simple to operate as possible, acknowledging the challenge of finding internal IT experts and most importantly, budget-friendly as we are aware of the financial impact of the pandemic to businesses,” explains Yeo.
Aside from this, Kaspersky also has the following reminder for SMEs to beef up their security online:
- Renew the corporate site security certificate – Websites that request or process user data must have an SSL certificate. The validity of the said certificate’s validity period is limited, which will need to be reissued every three, six or twelve months.
- Update router firmware – The older the software, the more likely it is to contain vulnerabilities, so it is critical to keep all software up to date.
- Revoke unnecessary rights – a dismissed employee can cause all possible trouble if their accounts and access to the corporate network are not closed in time. Cyberrevenge against former employers is real.
- Back up – Backing up data helps protect it from wipers, ransomware, careless employees and other hazards. It is better to schedule an automatic backup.
- Update antivirus licenses on servers – security software on workstations and mobile devices come with subscription renewal. It is good to check on servers too. An unprotected server can cause a range of problems, from data leakage to hosting malicious resources in the infrastructure to turning one’s office into cryptofarm.