There’s no denying, 2015 wasn’t the best year most of us have ever had – it was tough, and particularly so for people running small businesses. The nation was in the economic doldrums, and everything was on the downturn, except for numbers of security breaches of course, they only seemed to go up…and up.
There were several high profile attacks made last year on Australian companies. Among the biggest were hacks made on retail operations including Kmart and David Jones – organisations that you’d expect would have state-of-the-art security protection in place, and they probably did. The target of these attacks was customer information such as names and emails. David Jones had warn its customers to be wary of unsolicited calls or emails claiming to be from the company seeking credit card information. Needless to say, the reputation of this venerable Australian company, which has been trading since 1838, took a beating.
And of course, it’s the big companies that make the headlines. But the majority of attacks are made on Australia’s small and medium businesses – targeted because they hold lots of tempting customer info and often have minimal security in place.
IT security threats worldwide hit record highs in 2015 costing an estimated $420 billion globally, at least according to figures from International Business Report. It is certainly costing Australia more than a billion dollars annually and this could be a massive underestimate. There were over 39,000 cases of cybercrime reported in the country in 2015 and many are never recorded.
In 2014, one in seven Australians had become victims of identity theft, in 2015 this leapt to one in four.
Criminals can carry out cyber attacks from all over the world, and it’s pretty rare that they are apprehended. They have state-of-the-art tools at hand and in many cases are state-backed. Simply put, they are highly sophisticated and heavily resourced. If you’re not taking cyber crime as seriously as the criminals themselves, you’re going to become a victim.
You need to ensure that 2016 is the year you make security a core part of your business strategy. Don’t wait until you’ve become a victim. And this doesn’t just mean firewalls and virus protection for your office desktop machines, you have to take into account all the mobile devices used by your staff.
Customers won’t just go elsewhere after your business suffers a security attack, they will also seek other businesses if they feel that you’re not prepared for an attack and have a strategy in place. People are more in tune than ever about IT security and they expect certain standards to be met.
For health companies and retailers, experts have predicted that 2016 will see a rise in attacks. These businesses were targeted a lot in 2015 due to the wealth of useful information they hold as well as a perceived lack of security in the two sectors. KPMG did a research that showed that 81% of healthcare executives felt their companies had been compromised by at least one malware, botnet, or other cyber attack over the past couple of years. Meanwhile, retailers, as we’ve already seen in the cases of Kmart and David Jones, are being attacked for credit card numbers.
It now looks almost certain that the new Data Breach Notification Bill is going to come into law which will require businesses to inform customers of any attack on personal information within 30 days. Though this is only expected to affect companies with over $3 million revenue a year, it will certainly make a difference to companies wanting to protect their good names and reputation. Therefore it is vital you have security procedures in place.
- Security awareness training – train, train, train your staff to know the risks to your company and how to reduce them. People often prove to be the weakest part of any IT security and the more training they have, the fewer risks there are. Make sure people only have the information they need to work, and put security policies in place for different levels of your organisation.
- Penetration testing – let an expert test for weaknesses in your systems by using the methods a hacker would. They can then tell you the best way to reduce breaches. This is vital for any retail or medical business as you have vital data to protect and compliance regulations to adhere to.
- Security software – Use firewalls and antivirus but keep them updated and patched with the latest versions or they won’t be able to detect any new types of attack.
- Cloud data protection – Make sure that your cloud data protection software handles encryption, deploys user analytics and gives real time visibility into your applications.
Salim Sukari, Director of Empower IT Solutions said, ” Security crime is not only here for good, it’s getting worse by the day and any company that hasn’t taken steps to stay safe is simply asking for trouble. If you’re not sure what steps to take, ask an expert. A few dollars spent having your security assessed and your weak spots fixed could not only save you thousands of dollars later on, but could even save you from bankruptcy. It’s time to stop the criminals from winning by fighting back, and the team here at Empower IT is on your side and armed with the latest expertise.”
The world of cybercrime is changing fast and you need to be ready. Let the experts at Empower IT carry out a FREE risk assessment as the first step towards keeping you safe