The Hunter’s small and medium businesses are not immune to the threat of cybersecurity breaches. Arguably they are even more vulnerable due to complacency in believing that “it
won’t happen to me.”
For more aware businesses, the lack of resources and skills to defend against cyber attacks may be the most significant risk. Newcastle and the Hunter region are no strangers to public cyber breaches.
In 2020 Newcastle Grammar School made national headlines when hackers encrypted the school’s IT system and demanded a ransom of over $1M. Despite quick action by the school’s IT staff, their IT got so severely damaged that forensic investigators could not establish where or how the attack began. The school lost access to all its core systems, including student exams which had to be redone. The recovery took months.
The attack on Newcastle Grammar followed another high-profile breach at Newcastle City Council in 2019. An email phishing scam sent out fake invoices directing payments to dodgy
bank accounts. The cost to the city was over $250,000. Today NCC is hyper-vigilant about cyber security.
The price for apathy may be bankruptcy and liability
The Office of the Australian Information Commissioner (OAIC) released its Notifiable Data Breaches Report, which shows some surprising results. Despite growing cyber awareness,
notifiable breaches are up 6 per cent compared to last year. And human error increased by 43 per cent in the previous period to account for a large majority of cyber breaches.
Cyber attacks can be costly for small to medium businesses. According to the ASIC Annual Cyber Threat Report 2021, the average reported loss for SMEs was $42,341. Worryingly it
took the average company 23-50 days to recover from a successful attack, and more than 50 per cent of those businesses failed within months of a breach.
Adding to the burden, Hunter company directors may be liable for a cyber breach. Failure by a company to prevent, mitigate or respond to a cyber incident may result in violations of the
Corporations Act (2001). Failure to comply with notification obligations or repeat offences may attract a fine of $444,000.
What can Hunter Businesses do to increase cyber protection?
Our IT service provider, Nettko would advise that Hunter business must take a proactive approach to build cyber resilience.
An ad hoc approach of using antivirus tools may not be enough. Cyber criminals will exploit human behaviour or employees who work from home and have weak mobile security.
Businesses must treat cybersecurity as a strategic business issue, not an IT afterthought. Aligning your business goals with your IT goals must include cyber security planning, resilience, mitigation and response.
To take the pulse of digital vulnerability, we recommend that businesses quickly test the security of online assets like websites. Last month the Australian Strategic Policy Institute (ASPI) launched .auCheck.com.au, a tool that can assess your website, email or internet connection for vulnerabilities.
However, a better option would be to take a proactive approach with an audit of current cyber vulnerabilities and risks, then develop a cybersecurity plan suited to your business, risk profile and budget.
Nettko is offering readers and subscribers of Hunter Headline a free, no-obligation cyber security assessment to help them become cyber proactive and protect what is most important; their people, customers, data, privacy and livelihood.
Experienced Digital / Cloud Professional with an extensive history of working in the information technology and services industry. Skilled in IT Strategy, Business Process Management, Software Development, Enterprise Content Management and Management.
"I love what I do and have helped many organisations migrate to the cloud successfully achieving business automation processes, integration between line of business applications and enterprise content management solutions. What really drives me are the ideas that drive growth and innovation for my customers. I find it exciting to inspire people and business to be the best version of themselves. To find the easiest path to sustainable productivity… it’s so powerful and creates an optimism for the future as so often they are confused and overwhelmed by technology that hasn’t delivered on its promise. My goal is to deliver on that promise.
I am passionate about technology and growth, an innovator, doer and change driver".