Boutique professional service firms in Australia should implement effective cyber security infrastructure to avoid being targeted by budding cyber criminals, Deloitte’s cyber risk leader has warned.
Smaller firms facing cyber security risk, warns Deloitte
Speaking to AccountantsDaily, James Nunn-Price, Deloitte’s Asia Pacific cyber risk leader, said smaller firms and professionals face “a real challenge” in implementing effective cyber security, particularly as Australia itself has become an ideal target for cyber criminals.
“Australian businesses are falling victim to either denial of service attacks or what we call ‘crypto locker’ attacks, which encrypt all of your data,” he said.
“A sizeable minority of people pay the ransom and that has made Australia a target, because the criminals are thinking that they can make more money from Australia."
Mr Nunn-Price urged firms to follow three or four basic minimums when it comes to cyber security, to avoid becoming ‘the low-hanging fruit’, including keeping IT systems up to date, using good passwords and maintaining a high level of user awareness.
“If smaller organisations can do that, then they’re not the lower-hanging fruit, and other people will be targeted first.”
While outsourcing IT operations to a cloud provider can drastically improve security operations, “certainly better than you can do in-house”, Mr Nunn-Price added that it was vital to ensure that firms contain at least one in-house staff member to oversee the service.
“They should definitely have someone in-house who’s responsible for it and has a good understanding of it,” he concluded.
Mr Nunn-Price’s comments come after the launch of Deloitte’s 24/7 Australian Cyber Intelligence Centre, which links regional and global networks to allow the firm to provide global cyber intelligence services.
Mr Nunn-Price highlighted the importance of connecting to a global infrastructure of threat prevention.
“These strategically placed centres enable a deep understanding of local markets, language, threats, regulatory security and privacy variations,” he said.
Mr Nunn-Price added that the firm offers cyber intelligence services to many professions. While there are no accountancy firms on board, he stated that “it is certainly not precluded from being bought as a service by smaller accountants from us”.