Small businesses continue to treat cybersecurity as an afterthought. [1]A study conducted by the Bank of New Zealand found that 53% of SMEs said cybersecurity training isn’t at the forefront of their minds while only 31% said it was. The pandemic has increased the dependency on technology and consumer behaviour has drastically shifted. Online and e-commerce businesses are the future and if small businesses want to succeed, they need to invest in the right technology and protection.
[2]Research has found that 47% of businesses have become victim to scammers last year. This is a record number of cybersecurity incidents which only highlights the clear need for businesses to remain vigilant. According to Government’s Computer Emergency Response Team (CERT NZ), cyber incidents have caused $3.7 million in financial losses to businesses in 2022[3]. Small businesses have only just started to find their feet in the post pandemic world, and they’re already crippled by labour and skills shortages and are inundated on all fronts with inflation and supply chain issues. Cybersecurity breaches are just another challenge for them to navigate and only adds further stress on their overburdened shoulders.
Mr Scott de Mestre, Head of Security, and Infrastructure from Employsure, Australia’s leading Employment Relations and Work Health and Safety specialists commented, “There is a glaring lack of knowledge in small to medium sized businesses when it comes to cybersecurity. Employers often think the IT guys will deal with cybersecurity but those are two very different issues and roles. Many cyber-attacks are not performed by sophisticated hackers, they are executed by people with the basic knowledge of how lax businesses can be.”
Mr de Mestre further added, “There are steps small business owners can take to protect their data and that of their clients. Firstly, understand cybersecurity. Business owners shouldn’t be ignoring cybersecurity. They should have a basic understanding of what it entails, how strong their systems are, and what policies or procedures need to be in place. [4]The National Cyber Security Centre (NCSC) website contains a wealth of valuable information tailored for small and medium business that assist with understanding the basics. Secondly, hire experienced professionals. Some things are better left to the experts and business owners need to understand that they need to delegate some tasks to trained and qualified professionals. Hiring cybersecurity experts can be an efficient way to protect the business. And most importantly, train their employees. Employers can train their employees in cybersecurity awareness and help them understand their duties. Videos, articles, and seminars are some ways business owners can use to educate their staff on the basics.”
[5]Only 6% of Kiwi companies have adequate protection against cyber threats. New Zealand has a high concentration of smart phone usage which makes businesses more vulnerable. 90% of New Zealand companies are small businesses, and they believe that cybersecurity is an expensive and unnecessary expense[6]. This misconception needs to be corrected and small businesses need to know that prevention is far more cost-effective and less stressful than having to respond to a data breach.
Now, more than ever, businesses need to be vigilant about protecting their data. A cybersecurity breach leads to a break in trust, increases the business risk, directly impacts the loss of revenue, and does reputational damage; all of which small businesses cannot afford.
[1] Almost half of NZ employers have been scammed | HRD New Zealand (hcamag.com)
[2] Guides | Insurance Business New Zealand (insurancebusinessmag.com)
[3] New Zealand cyber incidents, financial losses still high despite drop – CERT NZ report | Newshub
[5] Experts urge small businesses in NZ to take cyber risk seriously | Insurance Business New Zealand (insurancebusinessmag.com)
[6] Experts urge small businesses in NZ to take cyber risk seriously | Insurance Business New Zealand (insurancebusinessmag.com)