Cybercrime is a very real threat to many organisations in Australia, with the resulting risk of business interruption potentially causing tens of thousands of dollars or more in lost revenue. The impact on your company’s reputation could be even more damaging.
Nevertheless, only 61 per cent of Australian businesses have cybersecurity incidents listed as a likely source of risk, according to a 2013 study by the Computer Emergency Response Team (CERT) Australia.
Furthermore, just 27 per cent of enterprises had increased IT security spending in the 12 months prior to the poll – 25 per cent fewer than in 2012. CERT Australia also discovered 16 per cent of respondents had no dedicated staff dealing with cybersecurity problems.
The impact of an IT breach can have many ramifications, ranging from the theft of customer and client data through to a complete systems outage. A recent Unisys survey showed 45 per cent of Australians believe a high-profile data breach will occur at a major retailer in the next 12 months.
Figures for telecommunications providers and government agencies were even less optimistic, with 58 and 49 per cent of respondents respectively lacking faith in these organisations’ IT security systems.
Protecting your business
Companies should implement a number of measures to ensure their IT and data are protected as much as possible. Firstly, comprehensive business insurance is a must, as even the most sophisticated of defences can fail.
National Australia Bank Chief Security Officer David Powell believes that while large organisations typically steal the headlines when big breaches occur, small and medium-sized enterprises (SMEs) are just as at risk.
“The fact that SMEs often have fewer security measures in place only makes for an easier target, and criminals love an easy target,” he explained. “What most business owners don’t realise is that cybercriminals use automated hacking tools to scour the internet to identify vulnerabilities.”
NAB offered four tips for boosting cybersecurity at businesses:
- Strengthen password practices
- Make regular data backups and store them offsite
- Optimise access management
- Maintain up-to-date security software and operating systems
Management consultancy McKinsey & Company believes the best way to approach cybersecurity is to integrate these processes into the main business operations, rather than render it solely a function of the IT department.
However, this will require better communication between security professionals and the C-Suite, particularly as McKinsey found two-thirds of companies have no regular interaction between these departments.
Would you like to discuss how cybersecurity risks could affect your company? Contact an MGA office in your area to learn more about our business insurance offerings.