Outside the massive cybersecurity breaches we’ve seen in recent headlines, small businesses are also experiencing increased incidents of cybercrime.
In Australia in the financial year 2021-22, 76,000 cybercrimes were reported – that’s one every seven minutes – and a 13 per cent increase on the previous year. The 25,000 calls to the Australian Cyber Security Hotline – or average 69 calls per day – was also a 15 per cent increase from last year. Overall, all sectors of the Australian economy were impacted by ransomware incidents, with the average cost per report increasing by 14 per cent on the previous year.
Cybersecurity is the responsibility of every SME and its personnel, to protect themselves, their client data and the data they work with – especially when there are limited resources. How much would it cost you, your business and your clients if that data fell into the wrong hands?
Solutions don’t have to be over-complicated or expensive:
- Backup your data. Make a copy of it and store it offline, and offsite. Use a removable hard drive, cloud storage or secure data centre. This will protect you from data loss and ensure you can recover it if it’s stolen or corrupted. This action may involve policy implementation in consideration of endpoints, or the devices that your teams use to do their jobs. The nature of remote work, encryption and testing and retention has seen a rise in the uptake of professional backup services and security to manage the processes.
- Secure your passwords and implement multi-factor authentication. The critical, fundamental layer to protecting our privacy and data is often the weakest. Bad password choice has contributed to 15.6 million data breaches across major organisations, as reported by Nordpass earlier this year. Installing a password protector and generator, and enabling multi-factor authentication adds another layer of security by asking users for a fingerprint, one-time passwords (OTPs) sent via email or text, or answering security questions.
- Secure your devices and systems. Keep your software and systems updated via automatic updates; clicking ‘remind me later’ could be too late. The creators of software, apps and systems are always making their platforms more secure to stay ahead of criminals, so this is one of the simplest, most effective things you can do. Install security software that includes anti-virus, anti-spyware and anti-spam filters (and turn them on!) across all devices. Firewalls can also protect your internal network from external internet threats but require regular patching to be effective.
- Train your staff and put policies in place. How much do your team members know about cybersecurity? Particularly if they are using their own personal equipment for their daily work? They need to be educated, to recognise that it’s their responsibility also, especially if their equipment is a gateway to your business. Policies can reinforce use, expectations around suspicious activity, and recognition of the risks.
If you feel you need more, you can encrypt important information, and monitor the use of business computer equipment and systems through additional software and security solutions.
Unfortunately, cybercrime will continue to increase. A recent survey revealed that SMEs throughout Germany, Singapore, the UK and the USA spent $57 billion on cybersecurity in 2020. Experts expect that to rise to $90 billion in 2025, with managed security services expected to account for 33 per cent of that investment.
The continuing trend of hybrid work will have an ongoing impact on the challenges for SMEs. Even while securing your remote business infrastructure, there is still the need to build the awareness and skills of employees. These are your frontline defence and can be the strongest link when it comes to cybersecurity for your business.
