You have 0 free articles left this month.
Register for a free account to access unlimited free content.
accountants daily logo

Pay attention to the human element, cyber security expert warns


Small businesses are especially vulnerable and must balance technology budgets with spending on training.

By Christine Chen 12 minute read

Spending on cyber security technology is insufficient to prevent attacks and it is critical to recognise the role of human failure, according to HLB Mann Judd partner Kapil Kukreja.

Mr Kukreja, who leads the firm’s Melbourne risk and assurance practice, said “systems alone won't actually do the job” if they are not right for the organisation.

“Company boards need to safeguard their operations from cyber threats by allocating sufficient budgets for technology, training and human resources,” he said.


“You need to get people with the right skill sets, who have got cybersecurity expertise. And plus, the training, the staff training and awareness — continuous training and awareness is really, really important.”.

Mr Kukreja said that small businesses were particularly vulnerable to costly breaches through complacency and a lack of resources.

“They don’t have the adequate resources to be very frank, and they think that, ‘Okay, we are very small and what could be in it for the perpetrators to steal from us?’ ”

“[But] things like ransomware are very common for small businesses … hackers know that their systems may not be fully secure because they don't have a large amount of resources.”

The Australian Cyber Security Centre estimates small businesses comprise 43 per cent of all cyber attack targets, with the average cost of cybercrime around $39,000.

“If a system carries any vulnerability, they will be able to exploit it and use the information obtained to their advantage,” he said.

Cybersecurity has been on the government’s agenda after recent high-profile breaches to Medibank Private, Optus, Latitude Financial and law firm HWL Ebsworth.

In February, Prime Minister Anthony Albanese announced an overhaul of the government’s cybersecurity strategy, with cyber security coordinator Darren Goldie appointed in June.

“That’s a step in the right direction,” said Mr Kukreja, urging small businesses to take up the government’s new Cyber Wardens program.

“They should be actually using that to their full extent to make themselves more aware and cyber resilient.”

In his own firm, Mr Kukreja described the threat of cybercrime as a “continuous challenge”.

“We have to be ahead of the game…we are trying to implement a lot of measures including a lot of systems in place, a lot of training in terms of our people, processes, policies and procedures.”

“Cyber security is important to all of us, not just the big organisations.”

You need to be a member to post comments. Become a member for free today!
Christine Chen

Christine Chen


Christine Chen is a graduate journalist at Accountants Daily and Accounting Times, the leading sources of news, insight, and educational content for professionals in the accounting sector.

Previously, Christine has written for City Hub, the South Sydney Herald and Honi Soit. She has also produced online content for LegalVision and completed internships at EY and Deloitte.

Christine has a commerce degree from the University of Western Australia and is studying a Juris Doctor degree at the University of Sydney. 

You are not authorised to post comments.

Comments will undergo moderation before they get published.

accountants daily logo Newsletter

Receive breaking news directly to your inbox each day.