Australian Government Launches Small Business Cybersecurity Guide

The Australian Government Small Business and Family Enterprise Ombudsman Panel ( ASBFEO ) recently released the Guide to Cyber Security for Small Business Cybersecurity – Best Practices Guide to Cybersecurity. This guide covers three steps of “self-protection” to help small business operators in Australia prevent or better respond to cyber-attacks and help the audience understand current risks and how to prevent cyber-attacks.

Small businesses will face more security threats

The guide cites a study released in early 2016 that said 43% of cybercriminal activities are targeted at small businesses.

The Ombudsman said that as a result of rampant WannaCry and Petya ransomware in 2017, 22% of small businesses have been unable to continue operations due to a serious attack, and another 60% of them are due to be significantly over the next six months Network security breach and closure.

According to another statistics, 87% of small businesses consider themselves very secure – because they are using anti-virus software.

Kate Carnell, Australia’s small business and family business inspector, argues that a significant portion of small businesses lack the time and resources and cybercriminals are becoming more complex, making them more vulnerable to such activities. Online threats are as real as physical threats and cybersecurity issues need to be taken seriously.

Carnell also said that small businesses should not be afraid of “going to the Internet,” because there are tremendous opportunities and benefits for development on the Internet. Many small businesses have successfully opened virtual stores and physical stores combined with the development, and thus establish a sustainable mode of operation

Network Security Best Practices Guide

This Guide to Cyber Security Best Practices provides three quick steps to “protect yourself”: prevention, improvement, and response:

• Encourage small businesses to regularly back up, repair applications, adopt complex passwords and two-factor authentication, and restrict access to administrator accounts and sensitive information.
• In order to “work in a safe manner,” this guide requires small businesses to regularly communicate security practices and discuss cyber-security issues in the workplace, while browsing secure websites and installing only trusted applications.
• The guidelines emphasize: “If you think a cyber attack has occurred, notify your staff and report it to the authorities, and then use the backup copy before the incident to recover, and consider buying cyber security.”

Karell said at the Asian Security Conference in Sydney last year that many small and medium-sized businesses operating in Australia often mistakenly believe criminals will only target “large enterprises.” In fact, however, it is clear to cybercriminals that large enterprises have strong security systems, whereas small enterprises have various security weaknesses.

97% of Australian businesses are small businesses

In 2017, 30% of small businesses reported having experienced cybercrime, an increase of 109% over the previous year. Carnell said the actual figures will be staggering than this figure, so a considerable number of small businesses are more likely to choose to hide facts after being attacked.

Australia has a number of small businesses, the Ombudsman defines small businesses as businesses with fewer than 20 employees, and the Australian Tax Office gives a definition of a turnover of less than $ 10 million.

As of July 2017, 97% of Australia’s businesses are small businesses with fewer than 20 employees – meaning that the total number of employees in small businesses is around 2.1 million.

Carnell added that most small businesses do not have COOs, in-house lawyers or IT staff at all. Although these small businesses are aware of this issue, their cybersecurity capabilities are still seriously lacking. In addition, CEOs tend to actively conduct their daily business around their office systems, ignoring the importance of network protection. More seriously, many SMEs do not even know how to protect themselves. The Australian federal government has many different agencies in the area of cybersecurity, and small businesses often find it hard to ascertain their specific functions.

Source: zdnet