Cyber crime is costing Australian businesses more than $1 billion every year. However, it’s not only the ‘big guys’ who are falling victim to cyber-attacks. Six out of every ten cyber-attacks in Australia target a small business. Storing data, in particular consumer information, on your server paints a big red cross on your back. Therefore, it is essential that your SMB is prepared for any type of cyber-attack, so that your business’s data and customer information are protected.
The three types of cyber-attack of most concern to SMBs are:
Malware – Malicious software installed on a computer that can track activities, including keystrokes.
Ransomware – Software that ‘locks’ a computer and prevents its information from being accessed. Hackers use this to extort money from users, with the promise of ‘unlocking’ the computer once the ransom has been paid.
Phishing – Malicious emails sent to users under the guise of a legitimate email, with the purpose of stealing personal information.
Six different steps SMBs can take to protect themselves from cyber-attacks
1) Understand the data you actually have
Collecting information is a normal part of doing business. However, not all businesses know what data they actually have. Understanding what data and information you collect and store is the first step in protecting your business. Whether it’s customer data, product information, intellectual property from business clients, or credit card information, understanding what you’re dealing with will help you to make a sound plan to protect it.
2) Understand your backup protocols
The biggest fear of SMBs is losing historical work. Deleted data or work can have a devastating impact on any small business, often leading to financial strain. The headache of having to start again, along with the potential of losing important business records, makes it crucial that SMBs put a back-up system in place. A back-up system will help to protect your data and work from cyber-attacks.
However, one single backup or backups on a connected USB or hard drive isn’t enough. It is recommended that SMBs put multiple backups in place, with at least one held on a different server or network.
3) Understand what you need to do to protect your systems
One of the biggest issues SMBs face when they experience a cyber-attack is that nobody within the business knows what is happening until it’s too late. This is usually because SMBs don’t have a dedicated IT person within their offices.
It is perfectly okay to outsource your IT system; however, there should be clear communication between the SMB owner and the IT provider. IT security should also be a point of discussion in regular meetings and updates with the IT provider.
4) Create a culture of protection within the workplace
Given that cyber-attacks are becoming more sophisticated – especially phishing attacks – it’s understandable that many employees find it difficult to identify them. However, it only takes one unsuspecting employee to infect an entire network. That’s why it’s crucial to create a culture of security within your organisation to prevent such cyber-attacks from happening.
It is recommended that you train your staff on how to recognise, respond to and report phishing emails. If an employee can identify the early stages of a cyber-attack, you will have more time to respond as a business.
5) Take out cyber liability insurance
Cyber liability insurance will provide financial protection if your business was to fall victim to a cyber-attack. The insurance will usually cover the costs of business interruption suffered, forensic investigation, data recovery, extortion, and any crisis management costs to help your business reputation after the cyber-attack. Certain policies will also cover associated legal costs.
Make sure to read the fine print when applying for cyber liability insurance. Understanding what’s covered and what’s not will save any disappointment and frustration you may encounter when you submit a cyber-attack claim.
6) Know who you need to report the cyber-attack to
If you are a company that has an annual turnover of more than $3 million, handles personal information, or there is a risk of serious harm to an individual after a cyber security breach, then you are legally required to report any cyber-attack to the Office of the Australian Information Commissioner.
If you are a company that isn’t legally bound to disclose cyber breaches, you still have an obligation to inform your customers when a cyber-attack has occurred. By whom, when and how you inform your customers should be part of your reporting plan.
What to do if your SMB falls victim to a cyber-attack
All the preparation in the world can only get you so far. As thousands of Australian SMBs can testify, a cyber-attack can leave you crippled, confused and out of pocket. Having a response plan can help to mitigate the harm your company may suffer. While there is no set formula on how to respond to a cyber-attack, these are the general sets of actions recommended by cyber scam experts.
Don’t give in to the attacker, at least not immediately
Ransomware attacks usually threaten to delete data if a ransom isn’t paid, and increasingly that ransom is being demanded in Bitcoin. This can be a tough decision for SMBs as data is often the backbone of the business. While paying up may seem like the best option at the time, it can lead to negative consequences down the track. For example, paying the ransom does not always guarantee that you will get some or all of your data back. It can also put you at risk of being targeted again. So, before you give in to the attacker and pay the ransom, contact an expert first.
Contact an expert
It is imperative that any business suffering a security breach that does not have the expertise to handle the issue should employ an expert. A computer forensics expert will be able to analyse the security breach to determine how it happened and try to gather the evidence to prove who perpetrated the act. If you have cyber liability insurance, you may have access to a rapid response team who can help you with any security breach that may occur.
Understand the nature of the breach, and start restoring from backups
The first step in knowing how to respond to a security breach is to understand why you were targeted in the first place. The type of data that has been affected by the cyber-attack will determine the nature of your business’s response.
An internal investigation is not an easy process, and for some businesses it can last weeks or months. That’s why it’s important to develop some governance around the investigation process before it occurs. Delegating tasks and rules beforehand will make the investigation process smoother. Knowing who is involved and what powers they have will ensure there is no disturbance of evidence, or leaking of classified data.
Put your reporting plan into action
The cyber-attack has occurred, so now it’s time to put your reporting plan into action. Your reporting plan should already outline who you need to notify, whether it’s the Office of the Australian Information Commissioner, your customers or both.
As previously mentioned, if your business has an annual turnover of $3 million and suffers a data breach that is likely to result in serious harm to any person whose personal information is involved, you are obligated to report this to the OAIC. Not doing so can result in fines.