A study by vendor ESET has revealed a troubling willingness by Australian small and medium businesses (SMBs) to pay ransomware criminals, a practice that's widely discouraged by cybersecurity experts and government organisations.
Its ESET SMB Cybersecurity Report surveyed over 1,400 IT professionals in the Asia-Pacific region and found that 87 per cent of Australian SMBs might consider paying cybercriminals in the event of ransomware extortion.
Parvinder Walia, ESET's president of Asia Pacific and Japan, warned against the dangerous practice of paying ransoms.
"It is crucial for SMBs to understand that paying cybercriminals only perpetuates further cybercrime," he said.
Walia urged businesses to focus on implementing proactive measures to prevent cyberattacks instead.
Other concering statistics that the report highlighted includes 86 per cent of SMBs expressing high confidence in their security systems but despite that, 60 per cent experienced breach attempts or cybersecurity incidents in the past 12 months.
SMBs are aware of the dangers, with 76 per cent of respondents agreeing that businesses of their size are more vulnerable to cyberattacks compared to larger enterprises.
The study also revealed a gap between concern and action.
While 62 per cent of SMBs expressed concern about vulnerabilities, only half are using vulnerability and patch management software.
This discrepancy points to a need for better alignment between perceived threats and implemented solutions.
ESET said it had dentified several key challenges faced by SMBs in their cybersecurity efforts.
These include a lack of dedicated cybersecurity teams, with 45 per cent of respondents citing this as one of their top three challenges.
Additionally, 26 per cent reported alert fatigue as their biggest challenge.
Looking ahead, the report outlined strategies that Australian SMBs intend to employ in the next 12 months to bolster their cybersecurity defences.
These include increased investment in cybersecurity, with 42 per cent anticipating a rise in spending. Some firms are considering more advanced solutions, such as Endpoint Detection and Response (EDR) and cloud-based sandboxing.
Experts stress the importance of proactive measures, employee training, and leveraging resources such as the No More Ransom initiative to combat the growing threat of cyberattacks without resorting to paying criminals.
As the digital landscape continues to evolve, the need for robust cybersecurity measures becomes increasingly critical for businesses of all sizes, and ESET urged SMBs to strengthen their defences and adopt a more proactive stance against cyber threats.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
