Tips to protect your business from cyber threats

Stolen data is a financial commodity for cyber attackers and can be sold on to other criminal entities, indicating the need for more focused, expert online security advice for all SMEs.

by | Dec 27, 2018

Software fraud addressed in black economy laws

SMEs increasingly depend on IT systems and are thus vulnerable to existing cybersecurity risks and newly-emerging cyberattacks, the Institute of Public Accountants said in its recently released Small Business White Paper.

Research has shown that small business is the target of 43% of all cybercrime, with 60% of those that experience a significant cyber breach going out of business within 6 months.

Recognising that SMEs are not immune to a wide range of cyber threats, the IPA has put together several simple recommendations to help small businesses improve their online safety.

SME cybersecurity advice

 

  • Apply the latest updates from software suppliers to repair newly discovered cyber vulnerabilities. This process can and should be automated and should cover operating systems and key applications.

 

 

  • Use strong passwords and two stage authentications (e.g. users are sent a text code to login with their password.

 

 

  • Use a cloud-based email service and cloud storage, rather than organisations setting up their own email servers and storage servers.

 

 

  • Back up important data on a regular basis and check that you can reinstall the data you have backed up. Backups should be stored off-site.

 

 

  • Install security software (e.g. installing anti-malware software that offers protection against malware).

 

 

  • Keep anti-virus and anti-malware software up-to-date.

 

Some advanced cybersecurity steps can be implemented to improve security, such as:

 

  • Develop cybersecurity guidelines, policies and practises that an SME should follow in relation to cybersecurity (e.g. the handing of sensitive information, how to manage incidents, a formal organisational cybersecurity policy)

 

 

  • Undertake a security risk analysis/ audit to be aware of cybersecurity threats and risks that an SME could face and then take steps to mitigate or remove the threat of high-level risks

 

 

  • Test that security features actually work (e.g. testing back-up approaches, running simulations of cyberattacks and seeing how an SME would react to a cyberattack)

 

 

  • Consider security alternatives (e.g. outsourcing certain security functions to a third party or considering cybersecurity insurance to help recover from a cyber incident if one occurred.

 

Refer to the IPA’s White Paper for more advice on cyber proofing.

More from Public Accountant

IPA National Congress hears ATO plan to shrink small business “tax gap”

IPA National Congress hears ATO plan to shrink small business “tax gap”

Ombudsman review targets ATO’s agent phone line failures

Ombudsman review targets ATO’s agent phone line failures

The WH Smith Error: how revenue recognition may have humbled an icon

The WH Smith Error: how revenue recognition may have humbled an icon

1 in 3 Australians in their late 60s are still working, new HILDA survey shows

1 in 3 Australians in their late 60s are still working, new HILDA survey shows

How to get control of your time

How to get control of your time

Embracing the AI frontier: Rethinking auditor skills and education

Embracing the AI frontier: Rethinking auditor skills and education

Share This