The recent ransomware attacks against Channel Nine in March, and the meat processing company (JBS’s) worldwide operations in June are just some examples of the ever-expanding cyber problems making the daily news headlines.
The recent Australian Government Annual Cyber Threat Report found Cybercrime cost Australia $29 Billion annually, with cybercrimes occurring every 10 minutes, ranging from denial of service to phishing and malware attacks. Cybercriminals, some of which are said to be encouraged by foreign governments are becoming increasingly ruthless, with attacks on hospitals, schools as well as small and large businesses. Cybercriminals are becoming increasingly sophisticated, and just because you own or manage a small business, doesn’t mean that you will be disregarded by these criminals. In fact, it’s possible that your business could be targeted by cyber threats in the future, as larger businesses increase their cyber defenses. Hence, it is necessary to put the correct precautions in place to protect your business, its customers, and profits before ransomware, malware or other types of Cybercrime attacks occur.
Why are Small & Medium Businesses more Vulnerable to Cyber-attacks?
Cybercriminals are increasingly business-minded and know that small businesses are often not as protected against cyber attacks like ransomware attacks, which can make them an easier target for a quick profit. Criminals also know that SME’s often lack dedicated internal IT staff to continually maintain software and install the latest security patches and are focussing their efforts on more urgent COVID-19 related issues including supply chain interruptions, lockdown or staffing.
Even if you try and shore up your own security, cybercriminals are now focussing on service providers, enabling them to subsequently attack multiple small businesses.
In addition to the above challenges is the recent accelerated drive to work from home. This has spotlighted a unique set of risks for businesses including unsecured home networks, fake emails sent from co-workers asking to pay invoices (social engineering) and phishing emails which give criminals access to the computer.
How to Protect your Business Against Cyber and Ransomware Attacks
The fact that small and medium businesses are vulnerable to ransomware attacks and that their service providers are now being targeted highlights the need for an urgent review of your risks and the implementation of security practices.
Agile CyberSelect is aimed at mid-market to corporate clients and is a comprehensive Cyber Insurance policy with 16 policy benefits and 24/7 incident response.
The fact that small and medium businesses are vulnerable to ransomware attacks and that their service providers are now being targeted highlights the need for an urgent review of your risks and the implementation of security practices.
There are lots of free resources for SMEs on the Australian Cyber Security Centre website including a Phishing Test, Cybersecurity tool, and guides on how to get your business up and running after an attack.
Below are ten steps that all small and medium-sized businesses can take to help secure their online presence and protect their company from cybercriminal attacks.
Train all employees in cybersecurity and how to avoid opening links or acting on information from unknown contacts.
Ensure policies are in place to automatically update and patch software. Also use well-known reputable providers of firewalls that can block malicious emails, as well as check for suspicious and spam emails.
Restrict data access to only the employees requires specific information.
Back up all your data on a daily basis to cloud storage and weekly to a dedicated secure server in a separate location.
Implement data encryption when sending data over the internet and encourage the use of multi-factor authentication when employees access data remotely on mobiles and tablets.
Avoid public networks, they allow others to see your data and passcodes.
Ensure there are procedures in place to ensure passwords are changed on a regular basis, also that they are unique, strong and secure.
Install security software on all computers, laptops and mobile phones accessing the companies' IT systems, including anti-viral and anti-spyware filters.
Regularly update user access and remove users that have left the company or have had a change in their IT access.
Consider cyber insurance to help you manage and recover from a cyber or ransomware attack, including cover for lost income.
General Advice Warning: This advice is general and does not take into account your objectives, financial situation or needs. You should consider whether the advice is appropriate for you and your personal circumstances. Before you make any decision about whether to acquire a certain product, you should obtain and read the relevant product disclosure statement.
All information above has been provided by the author.
Featured
Log in with Google
