Protect your business from online threats
Protect Your Business From Online Threats
Online threats and fraud, known as cybercrime, are a major challenge for small businesses.
Small businesses are at higher risk of being scammed than large companies. 59% of losses reported to the ACCC's Scamwatch in 2022 were suffered by small and micro businesses and those losses increased by almost 95% from the previous year.
Cyber security measures can protect your business from online threats. Cybercrime often exploits vulnerabilities which are easy to fix once they are identified. Protecting your business is as much about examining your own practices when working online as it is adopting the right technology or systems.
What is Cyber security?
Cyber security refers to the steps organisations and individuals take to reduce their risk of online attacks. The primary purpose of cyber security is to protect internet connected devices (e.g. laptops, smartphones and tablets) from:
- theft or damage
- accidental or illegal access
- fraud or scams
- any other harmful activities resulting from cyber-attack.
The most common threats are:
- ransomware (a type of malware that often leaves your files or device encrypted or locked)
- malicious software (software designed with malicious intent)
- phishing (scam messages)
- business email compromise (including fake invoices)
MORE INFORMATION ON COMMON SCAMS
Why should I take steps to protect myself?
Cyber attacks have the potential to cause great harm to small business operators. Not only can cyber attacks cause damage to the systems your business relies on, they can also jeopardise any sensitive data or information held by your business. Cyber-attacks can cause significant reputational damage and even legal consequences (e.g. breach of contract).
You can take steps to protect your business and reputation by making yourself aware of the different types of cyber security threats. Take steps to protect yourself, and any digital information your business creates and stores. If you are not confident about the technology used in your business, make sure you have a trusted advisor you can turn to for support and advice.
Where to start?
| Cyber security basics |
|---|
| 1. Update your devices and configure settings to “automatic update” |
| 2. Turn on multi-factor authentication (a security measure that requires two or more proofs of identity to grant you access) |
| 3. Set secure passphrases |
| 4. Be aware of scam emails (fake invoices) and text messages: always be confident that an invoice or other request for sensitive information is genuine |
Start by doing some basic research.
The first step is to acknowledge your business may encounter cyber security risks and to invest some time understanding potential threats and how they may affect the systems and technologies used in your business. Remember, cyber security is not purely about technology, but also the way in which humans interact with it.
The Australian Cyber Security Centre provides further advice on cyber security for small business owners.
Useful resources
Australian Cyber Security Centre – Small Business Cyber Security Guide
The Australian Cyber Security Centre has prepared a detailed guide to support small businesses better understand and develop responses to potential risks. Learn more here: cyber.gov.au/acsc/small-and-medium-businesses/acsc-small-business-guide
Stay alert to new threats and scams
The Australian Cyber Security Centre provides regular cyber security alerts impacting small businesses. You can also report a cyber security incident. Learn more here: cyber.gov.au/acsc/view-all-content/alerts/small-and-medium-businesses.
The Australian Competition and Consumer Commission’s “Scamwatch” website can help you stay on top of emerging scams. Scamwatch operates an alert service with warnings about new scam threats provided direct to your inbox. Learn more about this free service here: scamwatch.gov.au/about-scamwatch/tools-resources/online-resources
Prepare for the unexpected – Build a Business Continuity Guide
Every small business should have a plan that prepares for the unexpected, including cybercrime. Business continuity planning is an essential ingredient for growing and sustaining a good business.
This Business Continuity Plan provides practical actions and steps you can take to help protect your business should the unexpected happen. This plan has been developed to help you plan for the future and find ways to minimise the impact of disasters on your business. The Get Ready Business tool helps businesses prepare for disaster in five easy steps.