Your introduction to cyber security for business
What is cyber security?
Cyber security is a term used to describe the measures taken to help protect a computer or computer system against unauthorised access or cyber attacks. It’s also something that all business owners need to know about. The reality is, cyber crime is on the rise and no business, big or small, is immune to being the target of suspicious activity online.
As reported by business.gov.au, taking your business online can have its benefits, but it can also increase the risk of scams and security threats. Cyber security is about helping to protect your technology and information from:
- accidental or illegal access
The good news is, while even a single cyber-attack can cause serious damage, you can help defend your business by implementing a risk management plan.
Cyber security versus cyber safety, what’s the difference?
The terms may sound similar, but cyber security and cyber safety are very different things. In a nutshell, cyber security involves measures taken to help protect information, while cyber safety encompasses policies and procedures designed to protect people.
The Australian Cyber Security Centre (ACSC) defines cyber security and cyber safety as follows:
- Cyber security. Describes the measures used to protect the confidentiality, integrity and availability of systems, devices and the information residing on them.
- Cyber safety. Refers to the safe and responsible use of information and communication technologies.
So, when businesses work with cyber safety in mind, they consider the safe and responsible use of information and communication technologies in all business operations. And when they integrate cyber security into their business models, they implement solutions designed to help protect their networks and data, as well as the data of their customers.
Why is now the time to think carefully about cyber security?
According to Business Victoria, Australian businesses are increasingly vulnerable to cyber attack and online scams. You only need read the news to notice that online crime appears to be on the rise. And the malicious work of hackers can result in financial losses for businesses big and small.
According to Marsh, a leading provider of insurance broking services for businesses across Australia, 48% of Australian small and medium businesses spend less than $500AUD annually on cyber security. This reality means that many hackers view these businesses as attractive targets due to a perceived lack of resources to fight back against attacks.
What are the risks of doing business online?
As observed by Business Victoria, businesses often face cyber security problems such as:
- payment redirection and false billing scams
- viruses or malware (harmful software)
- data breach
- spyware and stalkerware.
When you take a proactive approach to help defend your business by implementing cyber security measures, you help to decrease the likelihood of becoming the target of online criminals. Which, in turn, helps to deliver peace of mind so you can remain productive and focused while doing business online.
What business assets do you need to secure online?
A part of the risk management process is figuring out what assets are at risk to begin with. So, the question is: what business assets should you be helping to protect with cyber security?
Some key business assets you should take steps to secure include:
Endpoints, including desktops, laptops, tablet computers, and other devices.
- Mobile devices.
- Business email services.
- Cloud software applications.
- Customer Relationship Management (CRM) systems.
- Your website domain and associated content management system (CMS) access.
- Advertising and social media accounts, such as Google Adwords and Facebook.
According to ACSC, protecting accounts associated with the kinds of systems listed above is the first line of defence to protect your information from cybercriminals. This is because hackers often target administrator accounts to take control of a user’s computer. So, in addition to updating your passwords regularly, it’s wise to consider investing in cyber security software for an extra layer of protection.
How the defence of business assets can help boost your reputation
If customers and suppliers entrust you with their information, you have a responsibility to keep their data safe. In this way, cyber security for business is about more than just defending your own assets, it’s about helping to protect others too.
With incidents of security breaches on the rise, your business reputation is influenced by the risk management frameworks you put in place to help protect your customers. If you can demonstrate that you're taking steps to secure the information entrusted to you by individuals, it may help you improve customer satisfaction and brand loyalty.
Common cyber threats you should know about as a business owner
For a small business, according to ACSC, even the smallest cyber security incident can have devastating impacts. By knowing what to look out for, you can increase your chances of knowing when your business may be under attack. As they say, knowledge is power.
The most common types of cyber threats
Malicious software (malware)
Malware is unauthorised software designed to cause harm. Created by cyber criminals, it includes viruses, spyware, trojans and worms that provide hackers with a way to access information, such as bank or credit card numbers and passwords.
Scam emails (phishing)
Phishing is a term used to described suspicious emails, messages, or calls that are designed to trick you to transfer money or share data. According to ACSC, criminals often use email, social media, phone calls, of texts to try and scam Australian businesses by pretending to be an individual or organisation you think you know or ought to trust.
Ransomware is designed to lock up or encrypt files so you can no longer use or view them. A type of malware, ransomware is designed to lock down your computer or files until a ransom is paid, much like the name suggests. According to ACSC, small businesses can be particularly vulnerable to this kind of attack, as they’re less likely to implement cyber security measures that could help prevent and recover from ransomware.
What can you do to defend yourself again common cyber threats?
According to ACSC, properly managing your software, data, and online accounts can help increase your business’ protection from the most common types of cyber threats, in turn helping you to decrease operational risk when doing business online.
You have the power to help protect your business
Today more than ever, business owners are taking responsibility for their own cyber security. A reflection that ongoing risk management has become routine for those who want to help reduce the risk of cyber threats negatively impacting business operations.
In the words of ACSC, all businesses, no matter how small, need to be aware of and consciously apply cyber security measures at every level. The trick is to think of it not as a challenge or chore, but as a responsibility that will help you do business with rigour.
By taking charge with a strong cyber security strategy, you can help protect your business-critical information and your customers’ data. In turn, empowering you to establish lines of defence against cyber criminals to help bolster your business and brand reputation.
Ready to build your cyber security strategy?
To create a holistic cyber security strategy, it pays to build from the ground up, starting with the basics. To help you protect your business against security breaches, we’ve written a guide outlining the ACSC’s essential risk management strategies. To learn more, visit How to get the basics of cyber security right.