Criminals are no longer trying to get in through the back door but through a laptop, says chief executive.
CA ANZ security hub to help SMEs after $33bn in cyber theft
CA ANZ has launched a cyber-security hub and playbook for small businesses that aims to help prevent, prepare for – and if it happens – recover from cyber attacks.
The initiative comes after businesses lost $33 billion to cyber crime in 2020-21, according to the Australian Cyber Security Centre (ACSC).
CEO Ainslie van Onselen said that SMEs were most at risk to cyber crime and the hub would help members take practical steps to create a security strategy.
“Attempted robbery, blackmail and fraud have always been a big issue for small businesses, but these days criminals are trying to get in via the laptop rather than the back door,” said Ms van Onselen.
“Digital transformation has pushed innovation including in criminal activity. While all types of companies are threatened, SMEs are most at risk because they are typically the least mature in terms of their cyber security risk and resilience.
“When it comes to cyber crime, it’s a matter of when, not if, someone will try something against your business.”
A survey by PwC found 71 per cent of CEOs surveyed were very or extremely worried about cyber risk, making it their top concern.
The ACSC found SMEs faced a higher risk of cyber attacks during 2020-21 based on the average cost of each threat.
Ms van Onselen said criminals had SMEs in their sights.
“That’s why it’s incredibly important that SMEs take the opportunity to review their cyber plan, put proper processes and procedures in place, and invest in best-practice cyber security,” said Ms van Onselen.
“Too few organisations plan to prevent cyber incidents, respond and recover from them, and as a result they suffer.”
Improving cyber security within businesses needed to be a whole organisational initiative.
“The other thing that SMEs don’t do well is communicate that cyber security is a team effort and a team responsibility,” she said.
“All employees and contractors need to take responsibility for the data, software and devices they use at work, because it takes just one person to bring down an entire network through a simple error.”
The cyber hub and playbook include a model to assess risk and create a cyber plan, a self-assessment tool to evaluate the state of your cyber security, and a mitigation strategy developed by the ACSC.
The mitigation strategy includes essential measures for organisations to adopt for a baseline level of security: