Cyber attacks have moved from a distant prospect to a very real business threat for many small business owners in Australia. While high-profile cyber attacks have already struck some of the largest companies both here and around the world, many smaller firms are now being targeted too. These attacks won't get the coverage that a major breach would, but SMEs are often more vulnerable to the fallout of a serious incident.
At the same time, there's an even greater number of possible sources for a cyber attack. As well as individual hackers, Australian businesses are being targeted by 'hacktivist' groups and even state-sponsored cyber-attacks. According to the Australian Cyber Security Centre, potentially up to 400 local companies were targeted by Russian state-sponsored hackers in 2017.
It's not all doom and gloom for Australian small businesses looking to manage their risk profile, however. There's a few easy steps that SMEs can take to ensure they are minimising their exposure to a cyber attack.
What are criminals targeting?
The first stop for minimising cyber risk for any small business owner is to understand what it is that a cyber criminal is interested in acquiring from your company. For example, if you're a small retailer with an online payments system, hackers might be looking to compromise your customer records to get credit card information and matching email addresses and customer information.
60 per cent of staff who found a USB stick in the building parking lot then plugged it into a work computer.
Other times, hackers aren't going to be attacking your business, but they might be using your network to get access to your clients' systems. This will be a very real possibility if you're a small B2B company offering services to government agencies or corporate clients.
Whatever it is about your business that a cyber criminal might be looking to target, understanding what's going to motivate them is the first step in protecting your business.
4 ways to protect your business from cyber attacks
Once you know why a cyber criminal might be targeting your business, you can start to look at how to protect your business from cyber attacks, and how you can minimise the impact when a hack does occur. Here are four steps you can take today to improve your cyber security:
1) Invest in the basics. There are some cyber security measures that every business needs to put in place. These include installing a firewall for your network and anti-virus software on all your devices. This doesn't just cover office computers, but also any laptops and mobile phones you're using.
2) Staff education. The US Department of Homeland Security revealed 60 per cent of their staff who found a USB stick in the building parking lot then plugged it into a work computer, instantly breaching their security. You need to make sure staff understand cyber risk and use strong passwords, change them regularly and use their work devices properly.
3) Keep your software up-to-date. The WannaCry ransomware infected hundreds of thousands of computers in early 2017 be exploiting a weakness in old versions of the Windows Operating System. If your software's out-of-date, it's at greater risk of attack so make sure you're keeping everything updated.
The losses from the #WannaCry #cyberattack has been estimated as high as $4 billion worldwide. @BlackRidgetech https://t.co/XdWHprLYWz @BlackRidgeTech #IIoT #cybersecurity #AI #security #LiveWorx @fogoros @Shirastweet @reach2ratan @jblefevre60 @thehill #br_ics pic.twitter.com/t2NurpXVYG
— IIoT World (@IIoT_World) June 21, 2018
To find out more about your business's risk profile, and whether a cyber insurance policy might be right for your company, make sure to contact us online, and we can have a conversation about your insurance needs.