‘Cyber security is paramount’ – even for SMEs

Having cyber security measures in place has become increasingly crucial for businesses over the years. Now, no matter the size of an organisation, it is a paramount consideration that could save a crippling cyber attack.

The digitisation of the modern workforce means there aren’t any companies (aside from perhaps a schoolkid’s lawn mowing business) that are safe from cyber attacks.

With everyone using tech and relying on it to keep operations running smoothly, the chances of people exploiting that reliance are ever-present. This is why measures must be put in place to protect precious data.

“Cyber security is paramount. Just think about how reliant we are on technology in our daily lives, let alone at work,” Zuna founder and chief executive Oskar Rutten said.

“Technology is a part of everything we do, and there are more and more criminals looking for loopholes to exploit – for many of them, it’s their job. We know from the Department of Home Affairs that in 2022–2023, there was a cyber incident reported every six minutes. It’s really not a case of if a cyber attack will happen, but when.”

Small businesses aren’t safe anymore, either. Gone are the days when the high-profile targets had cause for concern and the SMEs didn’t need to worry. Now, everyone is a target, and organisations need to prepare for the worst.

However, according to Rutten, SMEs are in a better position to implement protections, largely due to the ease of setting foundations.

“All businesses are under risk of cyber attacks, even small businesses. Yet unlike their larger counterparts, small businesses, especially those that are new, are in the best position,” he said.

“Why? Well, they can build strong foundations now to set themselves up for the future. By starting with the essentials, they will be one step ahead – prevention is key when it comes to cyber security.”

One issue with SMEs and data protection is the lack of budget that large companies are able to work with. This can make the process trickier. However, Rutten noted there are cost-saving techniques that can be utilised.

“There are many cost-effective ways for SMEs to implement cyber security measures. To start with, invest in the highest level of cover from your email provider. By doing this alone, you will give your business an added layer of protection,” Rutten said.

“For those using Microsoft/Office 365, we recommend Microsoft Defender Antivirus, an anti-spyware software that protects, detects and responds to threats. This starts at as little as $4.50 extra per person per month.”

He continued: “In addition to emails, SMEs should be utilising the strongest form of multifactor authentication for all accounts. Take a further step and use a password management system like Bitwarden, or even physical security keys (that are worth less than $100 each). As your business and team grow, you really need to start thinking about security awareness training as the biggest threat becomes human error.”

The consequences of getting this process wrong are significant and can have major implications for a business’s future.

“Without robust procedures in place, a cyber attack can result in a range of disruptions and long-term ramifications. Cyber crime comes in many different shapes and sizes, with small businesses reporting the most common attacks are phishing scams, email inbox break-ins, fake invoices, payment redirection scams and banking burglary,” Rutten said.

“The Australian Signals Directorate Cyber Threat report suggests the average cost to a small business is $46,000 per attack. Personal data belonging to your clients and teams could be in the hands of cyber criminals, which can ultimately lead to identity theft and bank fraud. Then there’s the stress and cost of managing such a crisis, as well as reputational damage – a nightmare scenario for any SME.”

He concluded: “By laying strong cyber security groundwork, small businesses can grow with confidence without worrying about these small but important steps later on.”