There's a very good reason why cyber-security has been identified as the number-one global business risk by Allianz. Cyberattacks are becoming increasingly frequent – June 2020 alone saw a 120% rise in cybercrime. According to the Annual Cyber Threat Report published in November 2020 by the Australian Cyber Security Centre (ACSC), a cybercrime is now reported every 10 minutes in Australia.
The continuous cyber warfare being conducted by cybercriminals around the globe costs the Australian economy billions of dollars a year, and the disruptive cyber-attacks on business and government in June 2020 were so devastating that they prompted Prime Minister Scott Morrison to formu-late a Cyber Security Strategy to deal with the issue.
Whether it’s phishing, ransomware or denial-of-use cyberattacks, cyber incidents have the ability to bring a business to its knees. The $8.7m cyberattack on Sydney hedge fund Levitas Capital forced its owners to close the doors in September 2020. The attack was part of a coordinated strike on the funds management industry. Commander Chris Goldsmid, who heads the AFP’s cyber-crime unit, said $174m had been stolen from Australian businesses since July last year through email scams.
Given the surge in cyberattacks around Australia in the last 12 months, more and more businesses are realising the devastating impact a cyber incident can have on their operations. We’ve seen a signifi cant increase in cyber insurance policies being processed by Resilium, and that’s because many people are starting to realise that with cybercrime on the rise, it’s got to the point that it’s no longer a case of if a cyberattack might happen, but more a case of when.
Unfortunately, some business owners only realise the value of cybersecurity once it’s too late – once their business has been held to virtual ransom and experienced the disruption of ensuing revenue loss, lost customers, brand damage, the loss of critical data and ongoing operating costs that still need to be paid.
Businesses can no longer afford to be complacent about their cyber safety and should consider seeking comprehensive cyber safety solutions from a reputable IT provider to put in place some protection before it’s too late. Many businesses are also including cyber insurance as an integral part of their business risk profi le.
The following are seven key steps your clients can take to help safeguard their busi-ness from a cyberattack.
- Consider using extra security meas-ures like multi-factor ID authentica-tion for portable devices like laptops, iPhones and iPads.
- Practise safe web browsing – don’t click on things just because they look legiti-mate. Always check the URL and whether it’s from a trusted sender.
- Email security is vital. Do not use your personal email for work purposes, never open attachments on unfamiliar emails, don’t click on any suspicious links within emails, and evaluate the email itself to determine whether the links look strange or there are spelling/grammatical errors.
- Avoid common passwords that include seasons, city names, pet names and family names. Consider using full sentence passphrases with numbers or symbols (i.e. WelcomeToSharePoint2018!).
- Lock up important business materials. Don’t leave papers, computers or other electronic devices visible in an empty car or house.
- Shred sensitive paper records before disposing of them. Cybercriminals aren’t just operating behind a computer screen and will go through bins to find personal data.
- Talk to your adviser about your risk profi le and how you can be protected by cyber insurance.