News about cyberattacks continues dominate the headlines in our world today.
We can only shake our heads in disbelief as we read yet another headline about big names like eBay, Marriot International, Federal Parliament and Channel Nine falling victim to data breaches and cyber crime.
However, though we do not often hear it in the news, it is estimated that small business is the target of 43% of all cybercrimes, and continues to increase year on year as cyber attackers continue to become more sophisticated.
We understand that cybersecurity can feel daunting to many people. Fortunately, you can protect your small business in a variety of ways.
In this article, we will outline some advice that you can easily apply to make your system less vulnerable to attack.
Ways to Protect Your Small Business from Cyber Attacks
The importance of awareness of yourself and your staff about cybersecurity cannot be overstated.
It was estimated that a major proportion of data breaches are caused by human error.
First and foremost, make sure that all your employees are aware of common threats and risks whether it would be a suspicious email or unusual password activity.
Potential Cyber Breaches and Attacks include:
- Social Engineering Fraud
The attempt of manipulating an individual to transfer fund or sharing confidential information. It is done by trickery where an individual is believing the person that they are communicating with is trusted.
Phishing is most commonly in the form of malicious emails containing file attachment or links to an unknown source. When clicked, it can unintentionally download malware onto your device and compromise your computer and network.
If your system is experiencing inexplicable freezes and crashes or there are spikes in the network traffic, there is a chance that your system is infected by malware. To prevent malware infection, it is important to have antivirus software and avoid clicking on suspicious pop-ups when browsing the internet as some of them can be harmful and infected with malware, adware and spyware.
- Suspicious activity on your account:
If you received an email notifying you that there has been unusual activity, an unknown password change or a login attempt from an unknown device, there is a high chance that your password has been compromised. It is important to act on this straightaway, update your password immediately and have two factor authentications in place.
You might also want to read our article on Types of Cyber Attacks.
Strong passwords are vital, they are your first line of defence in protecting your system and network.
Aim to have a 12–15 character range for the length of your password and make it complex by upper and lower case, numbers and special characters.
Where possible enabling two-factor authentications method adds an extra layer of security making it so much harder for hackers to crack. It requires two separate methods of identifications in order to access something. The most common method of verification is through SMS authentication code or via an authentication app such as Microsoft Authenticator.
Update your password regularly and avoid using the same username and password on other applications.
As we almost have a password for everything, it is important to have a different password for your account and update them regularly. Using a password manager such as Dashlane, 1Password and LastPass can provide a secure way to manage your passwords.
Although software update pop-ups can be annoying especially when we are in the middle of work, it is crucial not to ignore them.
We often find it way easier to click on the “remind me later” option and immediately get back to work.
However, it is important to keep your software, security programs (such as anti-virus, anti-malware and anti-spyware programs), operating system, and devices up to date. Software updates could contain vital update helping you protect against known vulnerabilities and bugs.
Most software updates allow you to schedule them at a convenient time for you or outside of business hours, be sure to keep them up to date.
Mobile Devices and Portable Hardware
If you are using mobile devices such as laptops, phones, tablets, and other portable hardware for your business, you will need to be able to protect your data remotely.
Ensure that your employees are aware of the privacy and security risk associated if they are allowed to use their personal devices for work.
At the minimum level, your devices need to have remote locking and/or wiping functions in case if they get stolen.
It is also recommended to avoid connecting to public Wi-Fi and turn your Wi-Fi and Bluetooth off when not in use.
Your business data is one of the most valuable assets of your business. Thus, it is vital to store your data including customer records and other important business files somewhere safe.
In an unfortunate event of a cyber incident, besides having to handle the direct matter at hand, your business activities could potentially be interrupted completely from not being able to access the required data to keep operating.
Fortunately for small businesses, Data backup has never been easier. There are many cloud-based backup services to choose from offering different features and are generally affordable. Here are a few cloud backup options that are widely used, BackBlaze, IDrive, Google Cloud, Microsoft Azure and Dropbox.
If you are already using a backup service, make sure you regularly check and test that your data can be fully restored from your back up.
By backing up your data, you will be able to restore your data in the event of a cyber breach.
While it is extremely important for businesses to minimise the risk of a cyber-attack and the above will help you make your business be less vulnerable to attacks, even the most secure organisation remain at risk of an attack.
For a business in Australia, the average cost of cybercrime is around $276,000.
Unfortunately, the cost of responding to a cyber incident could put most small businesses out of business.
In a world that is increasingly driven by digital technologies and information, making sure you have an adequate cyber cover is an essential part of doing business.
Cyber Liability Insurance can cover the costs associated with Cyber Attack.
Coverage generally includes:
- Data Breaches Notification Cost
- Business Interruption Costs
- Cyber Extortion Costs
- Incident Response and Forensic Support
- Potential Legal Costs and Legal Support
- Social engineering
To obtain a quote or to obtain some advice, contact us on 1300 739 861.
Disclaimer – “This material contains general information only and may not suit your particular circumstances. To decide if a policy is right for you please carefully read the relevant Product Disclosure Statement (PDS) and/or Policy wording. While we have exercised due care and skill in preparing this information, Optimum Insurance Services (Optimum) does not accept any legal responsibility or liability for negligence or otherwise to you or anyone else who seeks to rely on this information. This includes, without limitation, loss arising from a possible failure of the information to comply with statutory or regulatory requirements or the failure of the information to identify other terms and conditions beyond those considered in this document. You should obtain advice to ensure that your policy provides adequate cover for your circumstances.
“Optimum Insurance Services Pty Ltd is a Corporate Authorised Representative of Insurance Advisernet Australia Pty Ltd (Car No. 291220), Australian Financial Services Licence No 240549, ABN 15 003 886 687.”