Family businesses play a vital role in New Zealand’s economy and local communities, and safeguarding what you’ve built increasingly requires a clear focus on cyber security alongside more familiar business risks.
Cyber criminals often target small and mid-sized businesses because their technology often grows bit by bit over time, making it harder to spot and fix security gaps.
Family businesses are no exception. A single cyber incident can disrupt day-to-day operations, expose sensitive information and damage long-standing relationships you’ve worked hard to build.
The cyber risks you should be aware of
Cyber risk isn’t just about IT systems, it’s about the way your people, processes and decisions can expose the business to risk. Common threats affecting New Zealand businesses include:
· Business email compromise - attackers access an email account and impersonate someone you trust
· Ransomware - locks systems or data until a payment is demanded
· Data breaches - involve customer, employee and/or financial information
· Scams and phishing - designed to convince you or your team to transfer money or share login details
· System or network attacks - can halt operations entirely
Family businesses can be more exposed where systems have grown organically, processes may be informal, or key knowledge sits with a small number of trusted people.
Simple steps to strengthen your cyber resilience
Improving your cyber security doesn’t need to be complex or expensive. Many effective controls come down to a few practical habits:
· Turn on multi-factor authentication for email, accounting systems and remote access
· Use strong, unique passwords, preferably supported by a password manager
· Keep software and devices up to date with automatic security patches
· Install and maintain reliable antivirus and security software
· Back up critical business data and check it can be restored
· Secure physical devices and Wi-Fi networks, including those used at home
· Make sure your team understand common scams
· Have a clear response plan so you know what to do if something looks wrong
It’s also worth raising cyber risk at a governance level. Including it in regular business discussions, alongside succession and continuity planning, helps ensure it doesn’t get overlooked as roles change or the next generation becomes more involved.
What if I have an external IT provider?
If you rely on an external IT provider or managed service partner, it’s important to be clear on where responsibility sits. While these providers can add expertise, they can also introduce risk if arrangements aren’t well defined.
Ask yourself:
· Do you have a written agreement clearly describing what they are responsible for?
· Who manages cyber security day-to-day and who responds to an incident?
· What happens if your provider experiences a cyber breach themselves?
· Do you understand who carries the financial risk if something goes wrong?
Cyber criminals increasingly target service providers because vulnerabilities can allow them to attack multiple businesses at once.
Where cyber insurance fits
Even with good controls in place, cyber incidents can still happen. Cyber insurance is designed to support you when prevention isn’t enough.
Cover can provide access to technical specialists, legal advice, crisis communications support and business interruption cover. Importantly, it also gives you expert guidance during what is often a highly stressful and unfamiliar situation, helping you make clear decisions and get back to business sooner.
If you’re unsure how exposed your business might be, or whether your current insurance arrangements would respond to a cyber event, it’s worth having a conversation with your insurance broker. They can help you understand your cyber risk, review existing cover and discuss whether cyber insurance is appropriate for your business.
Looking ahead
As your reliance on digital systems continues to grow, cyber resilience becomes a key part of protecting your business and its future. Taking practical steps now helps safeguard your operations, your reputation and the contribution you continue to make to your economy and community.
Gallagher works alongside family business owners to help identify cyber exposures, understand where risk sits and prioritise practical steps to strengthen resilience. Get in touch with Gallagher today to understand your cyber exposure, test whether your current insurance would respond to a cyber incident and address any gaps before a cyber event puts pressure on your business.
For over 45 years, Gallagher (formerly Crombie Lockwood) has provided insurance cover for family businesses. Their characteristic blend of local expertise and global reach means they can support their clients wherever they do business.
