Business Cyber Security delivered via Cloud
Free Call:
Email:
Company Address:
116 Gawler Place
Adelaide SA 5000
Postal Address:
PO Box 1235,
Glenelg South SA 5044
Copyright © 2024 | Magnetic Alliance Cyber Pty Ltd | Designed by Magnetic Alliance
Cybersecurity and the other 99.8%
It is not hard to see why the majority of small to medium enterprise (SME) owners in Australia feel that a cyber-attack would not impact them.‘2 out of 3 respondents (66%) believe a cyberattack is unlikely, even though in reality 67% of Small to Medium Businesses experienced a cyberattack in the last year’.
Keeper Security’s 2019 SMB Cyberthreat Study.
‘2 out of 3 respondents (66%) believe a cyberattack is unlikely, even though in reality 67% of Small to Medium Business
experienced a cyberattack in the last year’.
Keeper Security’s 2019 SMB Cyberthreat Study
SME owners are told that they have enough protection via antivirus software.[1] They feel that they are ‘too small’ to warrant anyone wanting to hack their business.[2] They believe that employees ‘know enough’ not to click on dangerous emails.[3]
Further, we only hear about big newsworthy cybersecurity breaches – such as BlueScope, MyBudget, ServiceNSW, Toll Group – which affect hundreds of customers and cost millions of dollars. However, large businesses like these (with 200+ employees) only make up 0.2% of the total Australian business count.[4]
So, what about the other 99.8%?
Despite SMEs being the target of 43% of all cyber-crime,[5] we never hear about these crimes. This leaves many SME owners asking:
How much can a cyber-attack really impact my business?
I discuss this question every day with Australian business owners and whilst the answer varies depending on their industry, size and existing cybersecurity strategy, we know from a financial perspective that the average cost of a cybersecurity breach for Australian Businesses is $276,323 per attack.[6] This includes extortion costs (i.e. ransomware payments), recovery costs and revenue loss.
It does not include long-term indirect impacts such as brand and reputation damage, media management and potential legal implications.
We also know that larger organizations are usually confronted with larger overall security breaches, but SMEs experience a much higher relative negative impact. A 2019 IBM report highlights this, stating that:
’We found significant variation in total data breach costs by organizational size… smaller organizations have higher costs relative to their size than larger organizations, which can hamper their ability to recover financially from the incident’.
Cost of a Data Breach Report 2019, IBM Security
Over the past three to four years, hackers have also been shifting their focus from big corporates to SMEs, with one report finding a 424% increase in attacks on SMEs from 2017 to 2019.[7]
The shift from the 0.2% to the 99.8%
The simple reason hackers are shifting their attention to SMEs is they are now much easier to hack. Driven primarily by major attacks in 2017 (e.g. WannaCry[8]), large corporates have actively and continuously invested in cybersecurity, whereas many SMEs have continued with the status quo. Our research has identified three key trends that are leaving SMEs vulnerable to increased cyber-attacks:
More than 85% of Australian SME owners believe their antivirus software is enough to protect them from cyber-attacks.[9] Unfortunately, antivirus systems only protect businesses from 47% of all cybersecurity threats.[10] They are still an excellent foundation to block known threats and build a stronger cybersecurity system on.
Many SMEs do not have the resources to identify and manage cyber-attacks, leaving 22% of small businesses unable to continue operating after a ransomware exploitation.[11] When given the choice of losing a business, or paying a hefty ransom, the majority of businesses pay up.[12] Once paid, there is a high possibility the company will be hacked continuously until the vulnerability is found and fixed.
Cyber-crime is becoming much more sophisticated and smaller businesses are often the gateways to bigger rewards.[13]Criminals infiltrate SME systems with the aim to either obtain confidential details from larger firms or enter larger firm systems directly. For example, the global retail chain Target was hacked when a heating and air conditioning contractor was compromised.[14]
On top of this, there has been a global increase in all cyber-attacks due to COVID-19, with hackers leveraging vulnerable people and vulnerable remote IT systems.
‘There is a growing cybersecurity gap between big business and SMEs that has been highlighted and has heightened during COVID-19… There should be a focus on developing cost-effective, easily maintained cyber solutions to help protect Australian SMEs now and into the future.’
Risks, mitigations, and interventions of mass remote working during the COVID-19 pandemic; Australian Cyber Security Cooperative Research Centre, 2020
Despite all this, there is good news for SMEs
There is one big advantage of being an SME over a large enterprise: external hackers will easily give up if they cannot breach the system.
Typically, hackers will use the same tried and tested techniques to hack multiple SMEs simultaneously, infiltrating the most vulnerable. They will target naïve employees with phishing scams, social engineering, and clickbait. Then, once infiltrated, a bot will automatically run malicious code (malware) on the computer, giving the hacker access to hold the company to ransom.
The key is to ensure your systems are not vulnerable to an attack. This means implementing a cybersecurity strategy.
The Australian Government has recognised the need for Australian businesses to increase their cybersecurity. The Australian Cyber Security Centre (ACSC) has recommended eight mitigation strategies (known as the Essential 8) that all organisations should implement as a baseline cybersecurity measure. Many large organisations have invested heavily to implement these recommendations to maximise their protection.
The good news is SMEs can also implement highly cost-effective cybersecurity management systems. These systems can significantly reduce system vulnerability, ensure business owners have clear policies to manage attacks, and ensure businesses are compliant with the ACSC Essential 8 recommendations.
The reality is, cyber-attack threats on SMEs will only increase as the workplace continues to evolve and criminals seek new ways to infiltrate businesses. Yet, strong cybersecurity management systems are built to adapt to new threats, using proactive measures rather than a continuous defence.
For SMEs, cybersecurity removes the power from the hackers and places it firmly back with the business owner, leaving the proverbial ball – or data – safely in their court. Thus, the success of cyber-crime in Australia is ultimately up to the other 99.8%.
What can law firms do to protect themselves?
The good news is there’s a solution. Firms can easily put in place systems and tools to dramatically reduce the risk of cyber attacks. Three key areas all business should implement are:
At Jam Cyber, our Cyber Security Management System includes all these areas. Contact our team today to ensure your law firm is cyber safe.
Jam Cyber & Cybersecurity Solution
Jam Cyber IT & Cybersecurity is focused on delivering IT solutions for small to medium Australian businesses. Our Cybersecurity Management Systems provide optimal cyber-protection at a cost-effective price, without needing new expensive server infrastructure.
We have nothing to hide, so you can view our prices and packages here!
Or contact us to discuss how we can protect your business.
[1]https://itbrief.com.au/story/cyber-attacks-worsening-among-australian-businesses-costing-economy-1-billion-a-year
[2] https://www.insurancebusinessmag.com/au/news/cyber/australia-smes-are-overconfident-on-cyber-threats–chubb-survey-158747.aspx
[3] https://itbrief.com.au/story/cyber-attacks-worsening-among-australian-businesses-costing-economy-1-billion-a-year
[4] https://www.asbfeo.gov.au/sites/default/files/documents/ASBFEO-small-business-counts2019.pdf
[5] https://www.asbfeo.gov.au/sites/default/files/documents/ASBFEO-cyber-security-guide.pdf
[6]https://www.staysmartonline.gov.au/sites/default/files/Cost%20of%20cybercrime_INFOGRAPHIC_WEB_published_08102015.pdf
[7] https://4iq.com/2019-identity-breach-report/
[8] https://www.osti.gov/servlets/purl/1423027
[9] https://www.asbfeo.gov.au/sites/default/files/documents/ASBFEO-cyber-security-guide.pdf
[10] https://www.sans.org/reading-room/whitepapers/analyst/membership/38460
[11] https://www.asbfeo.gov.au/sites/default/files/documents/ASBFEO-cyber-security-guide.pdf
[12] https://smallbiztrends.com/2019/05/ransomware-statistics-small-business.html
[13] https://www.smartcompany.com.au/finance/fraud/cyber-crime-stay-ahead/
[14] https://money.cnn.com/2014/02/06/technology/security/target-breach-hvac/index.html
Related Posts:
Stay safe this ‘Silly Season’: Safeguard Your Business from Festive Cyber Scams
Stay safe this ‘Silly Season’ As the festive season approaches, it’s a time for joy, generosity, and, unfortunately, heightened cyber
The Pros (and Cons!) of ISO 27001 for Australian SMEs
The Pros (and Cons!) of ISO 27001 for Australian SMEs Each year, the number of cyber risks faced by small
The Benefits of Restricting USB Access for Employees
The Benefits of Restricting USB Access for Employees One of the most underestimated measures for protecting an organisation’s data is
How and Why to Block HTM/HTML Attachments in Outlook 365
How and Why to Block HTM/HTML Attachments in Outlook 365 Microsoft Outlook 365 is one of the most popular business
Recent Posts
Categories