Blackpanda unveils study on SME cyber risks across Asia Pacific
BLACKPANDA, headquartered in Singapore, is Asia’s leading digital forensics and cyber security firm. It recently released its first proprietary study, analyzing cyber security vulnerabilities in SME companies across the Asia Pacific region.
The security firm utilized in-house external attack surface management (ASM) scans and data to identify top vulnerabilities that represent significant risk level where threats are recommended to be resolved as soon as practicable or within a matter of days to prevent potential infiltration by attackers to launch an attack.
Gene Yu, CEO of Blackpanda Group stressed that humans, not technology is behind cyberattacks,
“Even cybersecurity experts forget that in cybercrime, we are actually dealing with people, who are the criminals themselves, not the technology. Often it is technology that is the focus of a cybersecurity solution, when it is in fact, humans behind the digital crimes,” Yu explained saying that part of his company’s success is actually clamping down of cybercriminals themselves.
The report underscores how budget constraints and a lack of focus on preventative measures leave SMEs particularly exposed to potentially devastating cyberattacks.
“Our study shows that in the cybersecurity landscape for SMEs in the Asia Pacific region, giving resource-strapped businesses access to the protection and expertise they need to stay secure in an increasingly digital world,” Yu stressed.
The study identified three key areas where SMEs are most at risk. First is compromised assets such as email breaches. Yu said and emails seems innocuous but Blackpanda has classified it as a high-risk attack, representing 71.68 percent of total risks. This leaves SMEs highly susceptible to information leakage and phishing attacks.
It also lists, exposed web services, comprising 69.92 percent of high-risk exposures, presenting entry points for damaging web-based attacks. Finally, not patching or updating software or programs known to have vulnerabilities represent 59.96 percent of system security problems. Though classified only as a medium-risk issue. It still highlights the urgency for businesses to address basic patching and software updates.
“The majority of the cyber incidents we encounter can be traced back to fundamental vulnerabilities that remain unpatched…As part of our commitment at Blackpanda…we are not only focused on responding to these emergencies but also on significantly reducing the occurrence of such attacks across the entire market.”
SMEs often find themselves lacking the resources or awareness to implement robust cyber security measures on par with larger enterprises. This leaves them more vulnerable to other significant risks, such as exposed database and remote access services, poor system and DNS configurations, and outdated software.
To combat this growing threat, Blackpanda offers IR-1, a SaaS platform providing incident response, vulnerability assessments, and cyber insurance in a single package.
“In the Philippines, we see a significant number of high severity vulnerabilities that allow attackers to target SMEs and gain unauthorized access to email accounts, or disrupt server operations,” Evelyn del Monte, Managing Director for Blackpanda Philippines told reporters at the media launch of the mulit-faceted cybersecurity solution.
IN ITS inaugural study on cyber security vulnerabilities in SMEs across the Asia Pacific, Blackpanda, utilizing in-house ASM scans, highlights critical risks demanding urgent resolution to thwart potential attacks, signaling a call to action for businesses to fortify their digital defenses against evolving threats.
“Our incident response capabilities alone are tailored to address these challenges head-on,” del Monte commented to a question on how small companies can take full advantage of Blackpanda’s expertise.
IR-1’s cost-effective, subscription-based model is ideal for SMEs. Its features give them proactive tools and critical support. These include guaranteed, fixed-cost incident response minimizes costly downtime and ensures immediate access to experts, unceasingly identify risks, allowing businesses to take preemptive action.
One of its strongest assets, wherever it is available. is the cyber insurance called Pandamatics. This insurance product simplifies coverage, providing financial protection when needed as well as spread the costs over a number of members.
In the conversation with Yu, he made an interesting point to the use of analog techniques while dealing with criminals online is a necessary step in cybersecurity. This does not mean downshifting to manual methods of tracking exploits but rather using codes, safe words and signals embedded into code or messages.
“IR-1 equips our clients with robust tools and resources essential for both preventing and mitigating cyberattacks. We have several significant upgrades scheduled for this year. Our subscribers can look forward to rolling out even more advanced, technology-driven solutions tailored to their needs,” del Monte concludes.
