SMEs are vulnerable because of their complacent attitude and a belief the data of a small Australian business would be of no interest to hackers – they need a more vigilant approach to address the overlooked cyber security issue.
The cyber security issue has been in the media for all the wrong reasons lately and this is an area where many small businesses mistakenly assume they have the cyber protection they need.
It is common for small businesses to think their outsourced IT work, done by a managed service provider, covers cyber security and penetration testing, but this is not usually the case.
It is a misunderstanding, which leaves many companies unnecessarily vulnerable with breaches of cyber security leading to potential loss of reputation, capital and intellectual property. A small investment can protect against all of these things.
New government legislation, expected to be passed before the end of this year, will make it mandatory for all businesses with a turnover in excess of $3 million annually to report serious, known data breaches within 30 days.
With the proposed mandatory data breach notification legislation set to be passed this year, insufficient cyber security puts businesses at risk of being non-compliant with this legislation. These are all compelling reasons to make sure your data is secure.
A number of recent high profile cyber-attacks are evidence organisations are often not as protected as they believe including attacks on a number of Queensland councils, including one that defrauded Brisbane City Council out of $450,000.
A lot of managed service providers do a great job of ensuring your company has the right IT and ensuring it is well maintained. But cyber security is a separate industry in itself, utilising a different set of specialised skills.
It is absolutely necessary that companies check if cyber security is included in their contract with their IT provider. If it is not, they need to source a company specialising in cyber security to do the work for them. The additional cost is less than you would expect.
When we check the cyber security of small businesses, we often find companies are vulnerable because of their complacent attitude and a belief the data of a small Australian business would be of no interest to hackers.
It is reasonable to assume hacktivism and cyber-attacks will continue to rise as we become increasingly reliant on technology. And it is naïve to think you are protected simply because of the size, location or nature of your small business.
Ravin Prasad, CEO, Cybernetic Global Intelligence
