Story image

Are NSW small businesses too confident about their security?

15 May 17

Almost a third of New South Wales small businesses have been victims of cybercrime, but they believe having a limited web presence limits their exposure, according to a new study from the Office of the NSW Small Business Commissioner.

Out of 1400 respondents, 50% limit their digital exposure to a business website with contact details and social media, believing they’re less exposed to cybercrime that way. 

Only one fifth of respondents use cyber insurance to protect their business from incidents, and only 10% considered cybercrime a number one priority.

They are also more averse to selling products online - 20% of businesses have an ecommerce strategy.

Robyn Hobbs, NSW Small Business Commissioner, says online business is about taking risks into account.

“Doing business online can open up huge opportunities but small businesses need to take full account of the risks – for example something as simple as using email every day or taking a phone call can present a big cyber security risk to any business,” she explains.

Two thirds of respondents believe they are well-informed about cybercrime risks and 80% said they could respond to a security breach.

Hobbs says that the 80% of SME owners seem confident they could respond to a security breach are more confident than most companies listed on the ASX.

“Going digital can be a fantastic way of growing your business but there's no room for complacency - the risks are real and we’re encouraging small businesses to be aware and stay safe,” Hobbs says.

Overall, SMEs rank cybercrime as the fifth biggest risk to their business.

Respondents did state explicit areas of concern, including email fraud, social media hacking, online banking fraud, malware and crypto-ransomware.

“They also want help when it comes to tackling cybercrime – more than 90 percent said they needed risk management tools to assist in protecting them from cybercrime,” Hobbs says.

However, 75% of them were influenced by their own experience rather than advice from a specialist, such as a lawyer or accountant.

The study found that 60% of SMEs consult IT forensic consultants; 40% consult Google; 35% consult the police; and 34% consult Government.

“Some simple ways for small businesses to manage cyber risks to their business include educating and training staff, continuously updating software, using two-factor identification for emails and payments, encrypting important customer files,” Hobbs concludes.

What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Bitdefender announces security integration with Kaseya
The new partnership will allow VSA by Kaseya’s cloud and on-premises users to deploy and manage security with Bitdefender Cloud Security for MSPs.
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.