Experts urge small businesses in NZ to take cyber risk seriously

Experts urge small businesses in NZ to take cyber risk seriously | Insurance Business New Zealand

Experts urge small businesses in NZ to take cyber risk seriously

Experts are calling on small businesses across New Zealand to start taking their cybersecurity more seriously if they want to avoid suffering a cyberattack.

James Brown, general manager of the New Zealand Financial Innovation and Technology Association (FinTechNZ), said that a recent surge of cyber incidents should spur businesses to “wake up” to the threat of an attack.

Read more: Cyber insurance leaves something to be desired after tumultuous 2020

“Only 6% of Kiwi companies have adequate protection,” Brown told media outlet Make Lemonade NZ. “On average, companies take about 197 days to identify and 69 days to contain a breach according to IBM. [And] New Zealand has a high concentration of smart phone adoption which could make businesses and organisations more vulnerable.”

And according to Brown, the global COVID-19 pandemic has gifted cyber criminals with even more fertile ground to execute their scams.

“We need to increase protection against attacks, especially bearing in mind that more than 90% of New Zealand companies are small businesses,” said Brown. “New Zealand is not exempt from major cyber-attacks which could impinge on the economy and livelihood as a nation. We need to understand the nature of cyber threats and key issues that government and private sector face.”

A recent survey of small businesses by the government’s Computer Emergency Response Team (CERT NZ) revealed that only 38% of respondents believe their business adequately invests in cyber security, and just 34% believe their business has put a lot of thought and planning into being cyber secure.

And alarmingly, just under half of respondents have processes in place to prevent a cyberattack.

Jonathon Berry, consulting partner at cyber-security firm InPhySec, said there are several basic steps that small businesses can take to protect their digital information.

“Cybersecurity isn’t necessarily an expensive proposition,” Berry told Make Lemonade. “Outsourcing to a managed security service gives a high level of protection at a reasonable cost. Prevention is certainly far more cost-effective and much less stressful than having to respond to a breach or compromise.”