Corporate Wellbeing Asia 2023
human resources online

Half of Hong Kong SMEs employees are unaware for rising cyber risks


With three-quarters of SMEs (Small and medium enterprises) in Hong Kong surveyed experiencing a cyber incident in the past year, half of Hong Kong's SME leaders considered their employees are still not aware of all the potential cyber threats in the workplace and 38% of them were not confident that all their employees who have access to sensitive data are fully aware of their data privacy responsibilities, according to recent research.

SMEs are most concerned about the effects on their relationships with customers (51%), but less so than in 2018 (64%). This is followed by worries around revenue and sales (49%), company profits (46%) and market reputation (46%). A total of 41% of SME leaders said there is no consistent understanding across their organisation of what cyber risk means.

“Building awareness among employees is more important than ever. Employees are both the biggest risk and greatest opportunity for SMEs looking to improve their cyber defences. Being the organisation’s first line of defense, they can play a critical role in detecting and preventing breaches. Not investing in upskilling employees on cyber risk is a missed opportunity,” said Mr Andrew Taylor, cyber underwriting manager at Chubb Asia Pacific.

After a cyber attack incident, more than a third (34%) of SMEs reviewed their security protection but took no future action. Only 11% made any attempt to recover breached data files, while nearly a third (32%) of SMEs in Hong Kong did not purchase cyber risk insurance before or after experiencing a cyber breach. Almost half (45%) do not fully understand the insurance solutions available to them.

“With SMEs making up 98% of all businesses in Hong Kong, the number of businesses covered by cyber insurance is worryingly low,” said Mr Stanley Wong, president at Chubb Hong Kong, Taiwan and Macau.

“There is a misconception that smaller businesses face less cyber risk than larger companies, when in fact the opposite is true. A large cyber incident could spell the end of a small business and leave them open to significant third-party liabilities. With three quarters of SMEs experiencing a cyber incident in the past 12 months, there is an urgent need for all businesses to protect themselves.”

Follow us on Telegram and on Instagram @humanresourcesonline for all the latest HR and manpower news from around the region!

Related topics

Free newsletter

Get the daily lowdown on Asia's top Human Resources stories.

We break down the big and messy topics of the day so you're updated on the most important developments in Asia's Human Resources development – for free.

subscribe now open in new window