October each year marks cybersecurity awareness month, and so, in anticipation of next month (hint: put it on your agenda for October’s board or management meeting), I’d like to share some simple tips. These days, we seem to take technology for granted. It has become so intertwined in our daily lives, that we simply assume everything will just work and that there’s no need to worry about what’s “under the hood”.
But as always, with greater power comes greater responsibility. In technology terms, responsible use of technology requires it to be secure. Cybersecurity is all the buzz nowadays. You’ve likely heard of it, read about it in your regular news feeds or seen something on breakfast TV.
Either way, the hype is real. You may not realise this, but Cybersecurity is as relevant and important for small and medium businesses as it is for large enterprise. Businesses today face various cyber threats that can harm their operations, reputation, and growth. A compromise can cause severe financial impact and other disruptions. Not only are we seeing an increase in business compromise caused by poor cybersecurity posture, but we are also seeing an increase in personal cybercrime.
A recent Australian Cyber Crime Survey conducted in June 2023, found 27 percent of respondents surveyed had been victims of online abuse and harassment, 22 percent had been victims of malware, 20 percent had been victims of identity theft, and eight percent had been victims of fraud and scams. The financial losses are wide ranging, where some victims reported losing large sums of money. While most victims reported relatively smaller financial losses, it is important to consider that many incidents are not reported. Twenty-five percent of respondents were negatively impacted by cybercrime in the 12 months prior to the survey, while 22 percent of respondents who owned or operated a small to medium business said their business was negatively impacted by cybercrime.
Having a range of resources to help improve your cyber security and protecting yourself from common threats is imperative. Consideration around how to implement basic security measures such as using strong passwords, using unique passwords for each system, updating software, and backing up information at a minimum, is highly advised. By taking these small but effective measures, you can mitigate the chances of a cyber compromise or data breach impacting you and your personal data.
Beyond your personal protection, it is critical to consider incorporating various cyber security principles and strategies as integral parts of your business process. These should include ongoing cyber awareness training for your staff in addition to regular training and knowledge improvement within your own business domains. Ensuring not just frontline staff, but that all senior managers are involved in cyber security initiatives, demonstrates a commitment to leading by example and promotes a safety culture.
Enforcing multi factor authentication (MFA), is a simple yet very effective form of security that can be implemented simply by mobile device verification via an authenticator app. MFA provides confidence that even if one factor such as a password is compromised, there’s far less chance that a hacker will also have access to a second or third factor of your security set. Essentially, the use of MFA is now considered an essential part of every authentication process.
Finally, it is vital you have a clear understanding of your IT infrastructure. Every device that is connected to your network has the potential to become an entry point for cyber-attacks. Moreover, any device that is wi-fi capable and can connect to your network, expands the potential for cyber breaches. Regular updates of your IT asset register will ensure you know what hardware is being used and exposed to your network. This can include mobile phones, laptops, tablets or even your wearable digital devices such as smart watches or medical hardware.
Cybersecurity is not a technical issue relegated to the IT department to deal with in isolation, but rather a personal and a business problem that everyone needs to address. As a business owner, you must regularly review and consider ways in which you can enhance your security posture and cyber resilience. The flip side of course, is that a good cybersecurity posture can also be your superpower - an opportunity for your businesses to gain a competitive edge in an increasingly digital world.
By Peter Gatt, Business Development Manager – Majestic Computer Technology.
Majestic Computer Technology is an Australian Family Business that has been successfully delivering IT solutions since 1992. Majestic provides advisory, outsourced IT and business automation services to small and mid-sized businesses across manufacturing, professional services, construction and engineering, health, life sciences and the NFP sector. In addition to being a partner and member, Majestic is also the IT service provider for FBA. www.majestic.com.au