The Barracuda Networks report, SMB Cyber Resilience in Japan - Security Success Depends on People, which reveals significant concerns regarding cybersecurity among small and medium-sized businesses (SMBs) in Japan. The survey, conducted among 500 IT professionals, found that three-quarters of respondents doubt their organisations' ability to withstand a ransomware attack.
The report indicates that while 92% of the surveyed SMBs have a cybersecurity strategy in place, only 28% feel confident that they could effectively respond to a ransomware incident. Notably, 17% of respondents reported having no incident response plan, and 22% indicated that there is no dedicated cybersecurity role within their organisation. This raises questions about the preparedness of these businesses to manage cyber threats.
The findings further highlight a disconnect between business leaders and cybersecurity, with over 20% of IT professionals stating that executives either do not care about or do not understand cyber risks. Perspectives among leaders vary significantly; some believe their businesses are immune to attacks (20%), while others feel that an attack is inevitable but futile to prevent (22%). Additionally, 22% assume that cybersecurity is straightforward and overestimated, and 21% acknowledge a superficial commitment to cybersecurity.
Communication also appears to be a challenge, as 16% of respondents reported a lack of internal communication during or after a breach, and another 16% noted insufficient external communication. This lack of dialogue can hinder effective incident management and recovery.
Moreover, only 23% of the surveyed SMBs reported having immutable or offline backups, which are crucial for protecting against data tampering and ensuring swift recovery in the event of a ransomware attack. The report underscores the critical need for enhanced awareness and training around cybersecurity among business leaders, as their understanding and commitment can significantly influence organisational resilience.
Makoto Suzuki, country manager for Barracuda in Japan, emphasised the importance of business leaders recognising the evolving cyber risk landscape. He advocated for IT and security professionals to convey cyber risks using business-focused language to foster a collaborative environment for developing effective cybersecurity strategies.
