Southeast Asia’s Small and Medium Enterprises (SMEs) are a crucial component of the region’s digital economy, accounting for 85% of employment and 44.8% of GDP in the ASEAN region. Yet, they face a growing threat: sophisticated email-borne cyberattacks.
While much attention is paid to large enterprises and government infrastructure, SMEs are often perceived as soft targets, increasingly bearing the brunt of AI-driven phishing campaigns and Business Email Compromise (BEC) attacks, a sophisticated cybercrime where attackers use deceptive tactics, often language-only, to trick employees into wiring money or leaking data.
With limited resources and often outdated security systems, many are ill-equipped to defend themselves, making the cost of a breach devastating not just financially, but also to their hard-earned reputation and customer trust.
The urgency of this challenge is underscored by recent data from across the region. In Indonesia, AI-powered cyberattacks have tripled in 2025 according to Fortinet-IDC, with ransomware, phishing, and BEC targeting organisations at every level. Similarly, Thailand has seen over 1,000 cyber incidents in the first five months of 2025, with 60% of organisations suffering data breaches and more than half paying ransom.
Fortinet also reports that ransomware attacks in the Philippines costing firms an average of $500,000 per incident, with deepfake impersonation in BEC emerging as a pressing concern. These figures highlight a stark reality: email, the most foundational layer of digital operations, has become the preferred entry point for sophisticated attacks across Southeast Asia.
For SMEs who often lack dedicated cybersecurity teams or robust IT budgets, these threats are particularly acute. While large corporations can invest in cutting-edge security suites and specialised personnel, SMEs often rely on basic, often insufficient, email filters. This leaves them vulnerable to highly personalised, AI-driven threats that exploit human vulnerabilities, bypassing traditional defenses with alarming ease.
To stay resilient and safeguard their critical role in the dynamic digital economy, SMEs must move beyond reactive measures and adopt a proactive, multi-layered approach to email security. Here are key strategies for ASEAN’s SMEs, which often operate on limited resources, to defend against rising threats:
Simplify security management: treat email as core infrastructure
For SMEs where employees often handle multiple roles, where the owner might also be the IT administrator, email must be treated as the nervous system of the entire operation. A single breach in this foundational layer can cripple everything from client communication to financial transactions. The first step for SMEs is to select collaboration platforms with an easy-to-use administrative interface that does not require dedicated, specialised personnel to manage or update. This shift embeds a security-by-design mindset, ensuring security is integrated, not an afterthought that drains limited time and technical resources.
Prioritise high-impact, automated defenses
Off-the-shelf email filters are no longer sufficient to combat high-cost threats like Business Email Compromise, which demands urgent attention from resource-constrained SMEs. These businesses must prioritise technology that delivers enterprise-grade security without demanding a dedicated IT team.
This means investing in automated secure defense, with essential security layers like two-factor authentication, alongside built-in features like encryption and anti-phishing protocols, which are easy to deploy and low-maintenance.
Build trust through localised data control and compliance
SMEs must prioritise technology that delivers advanced protection, such as simple, mandatory multi-step login security and automated filtering tools designed to be powerful yet easy for small teams to manage. SMEs cannot afford to risk customer confidence by relying on foreign providers who store data abroad, potentially exposing them to compliance issues and a loss of control.
The strategic solution is to select customisable platforms that allow data to be housed locally, which ensures sensitive information aligns with national mandates, safeguarding customer data and maintaining the crucial public confidence that powers local economies.
Cultivate a ‘Human Firewall’ with targeted education
Technology is essential, but the human element remains the first and last line of defense. The challenge of a lack of awareness about sophisticated cyber threats is compounded when employees are juggling multiple roles. Organisations must invest in regular, engaging, cybersecurity awareness training focused on social engineering tactics like advanced impersonation and phishing. By empowering staff to recognise and report threats quickly, SMEs cultivate a resilient ‘human firewall’ and significantly reduce the risk of costly human error.
Crucially, resilience also requires a clear contingency strategy. SMEs must ensure their core collaboration infrastructure includes automated, real-time backup and rapid recovery capabilities. This could minimise costly downtime and guarantee continued operation even if an attack successfully breaches the human and technological perimeters.
By adopting these proactive and focused strategies, the SMEs of the local economies can transform their email security from a vulnerability into a resilient defense. SMEs are a crucial component of the region’s digital economy and GDP. Their security is synonymous with local economic stability.
SMEs that leverage secure, on-premises platforms aligned with local compliance benchmarks, such as those using open-core and hybrid customisable email infrastructure, are setting the standard. SMES must lead in the digital-first world, secure customer trust, and protect their vital operations, so that they can continue to foster economic growth across the region.
