Researchers in Vietnam are working on a new tool to help small and medium-sized businesses in the region tackle cyber threats.
RMIT Vietnam researchers are working on a groundbreaking tool that will help small to medium businesses (SMEs) in South-East Asia prioritise security threats to better protect their organisations from cyber-attacks.
Chief Investigator, Assistant Professor Mathews Nkhoma, is leading the project to develop a new budgetary framework for use by SMEs, which are the biggest targets of opportunistic attacks worldwide.
"Cybercrime statistics show most of the traffic of attacks is going to South-East Asia, targeting smaller organisations," Assistant Professor Nkhoma said.
"SMEs in the region are particularly vulnerable and face real difficulties when trying to determine where to target their limited resources to best protect their infrastructure.
"The framework we are developing will be the first of its kind, empowering SMEs across South-East Asia to make sound budgetary decisions when allocating funds to information security."
A recent report by security firm Verizon showed 85 per cent of opportunistic attacks worldwide last year targeted businesses with less than 1000 employees, with the large majority of those in the retail, trade, accommodation and food industries.
Symantec's internet security threat report for 2011 showed advanced targeted attacks were also increasingly aiming at SMEs, with almost 18 per cent of target companies having fewer than 250 employees
RMIT researchers are interviewing hundreds of SMEs as well as some larger corporations in Vietnam, Thailand, Laos and Cambodia as part of the project, which has been funded through the 2012 RMIT Vietnam Research Grant.
Assistant Professor Nkhoma said the finalised framework would be tested in the region but could be adapted for use anywhere in the world.
"There are myriad ways that SMEs can suffer security breaches and myriad ways they can invest to protect themselves, from anti-viral software to implementing firewalls," he said.
"The problem for smaller organisations that may lack expertise in IT is determining how to justify their security budget, based on hard facts rather than anecdotal evidence.
"Our new tool will help them make those decisions with confidence."
The framework is expected to be complete by the end of 2012, with public release expected early next year.