Two surveys have drawn attention to the well-being and prospects of Singapore's small and medium-sized enterprises (SMEs). According to one survey, many SMEs take the risk of cyber attacks too lightly, although three in five SMEs said that they suffered cyber-security breaches that resulted in business disruptions and data leaks over a 12-month period. In the survey of 300 SMEs, only 30 per cent of those affected notified their customers or employees about the data leaks. Instead, more than three in five polled said they believed that large corporations were more at risk of cyber attacks than SMEs. According to the second survey, most companies in Singapore are also not investing enough in their workers, with only 12 per cent putting money on better training for their employees. At the same time, almost one-third of them say the task of training their workers in digital skills is a major concern, topped by the lack of suitable manpower with technological expertise, a shortage highlighted by about 40 per cent of the companies. But the first challenge they face is getting people with the right skills and attitude, with almost two-thirds of large companies as well as SMEs saying so.

The issues identified by the two surveys are not unrelated. Many SMEs behave like little firms although the sector accounts collectively for the largest part of the employment map. Singapore has about 200,000 SMEs which employ around 2.2 million workers, who make up almost 70 per cent of the workforce. Yet, unlike the remaining 30 per cent - whose employers are large enough individually to invest funds in training staff and bolstering cyber security - many SMEs get by, believing that they are too small to fail. That attitude suggests that they regard the threat of cyber attacks as something that is likely to afflict only large companies, which they see as the prized targets of hackers aiming to disable and bring down entire ecosystems. But the opposite is true.