Many SMEs do not consider themselves prime targets for cyber attacks, but they are wrong, said a senior executive at Australian cyber insurance specialist Emergence Insurance.
Mr Gerry Powers, its national head of sales, noted that many SME owners and managers assume big companies have more information to steal and more profits to siphon off, so they are targeted most often by criminals online. In reality, the opposite is often true.
“Everyone can be a cybercrime target – even SMEs. They must stand up to the cybercrime epidemic, spread awareness and do their part to prevent incidents. That process begins with simply admitting the problem exists,” he said.
Cybercrime can be particularly costly for SMEs, with research showing 60% of hacked SMEs were out of business in six months. Protection from cyber crime, especially those involving data loss, has become more important as Australia’s new notifiable data breaches scheme took effect on 22 February 2018.
Mr Power said that SME clients should be asked the following questions:
- Are all software licences up to date and antivirus updates enabled? Outdated software can expose businesses to potential attacks and trigger loss of clients’ personal information, leading to brand damage and rectification costs.
- Do they regularly review information stored internally? Ensure sensitive information, such as payment processing data or confidential trade secrets, is secure.
- Advise SMEs to plan ahead so if and when they are attacked, they are ready. SMEs need to know how to sustain operations even if data access is disrupted and act quickly to prevent distressed customers or lost revenue after an attack.
- Do they involve all the workforce? No business leader can prevent cybercrime incidents alone. It’s a team effort. If someone is left out of the cyber security planning process, that weak link might leave the business vulnerable.
Mr Power said even if SMEs were highly vigilant about preventing intrusions, they still happened, and advised them to buy insurance to provide an extra layer of financial protection.
“A cyber insurance policy is part of every successful business’s risk management framework. Cyber insurance is not the first line of defence; it is designed to protect a business when its IT security, policies and procedures fail to stop an attack,” he said.
Sydney-based Emergence Insurance specialises in new and emerging risks in the SME market in Australia, New Zealand, South Africa and Asia. It was formed in 2015 with investment from Steadfast broking network and Hollard insurance.