Prioritise Your Cyber security: Expert Tips for Small Businesses

Cyber SecurityIT SupportEssential 8
Written By TC Yee
Being cybersecurity smart is business critical. Don’t think your business is too small to be targeted by hackers.
Importance of Cyber Security, Padlock and Keypads

Yesterday was the best time to manage your cybersecurity.

Tips for small businesses to handle cybersecurity with the ever-increasing threat of ransomware and malware attacks.

While we don’t enjoy creating public panic, cybersecurity threats are real and serious. Half the population has had their information hacked this year. So it’s fair to say everyone will get hacked if they haven’t already. 

Cybersecurity threats are currently dominated by ransomware and malware attacks. Originally, ransomware spread and encrypted your files to extort you. Now they just take your information to sell or use. They can be operating in your system for months undetected. By the time you realise, it’s too late.

“Ransomware is everywhere. You can buy or even rent it on the dark web for a few dollars. Malware and ransomware run without your knowledge, and anti-virus software doesn’t cut it in a cyber attack. You must ensure that nothing is active on computers that shouldn’t be.” - TC Yee, TCD Director.

It’s not a matter of if but when. 

Hacks are incredibly violating, and the frequency and severity of recent hacks and cybersecurity breaches have understandably created huge concerns for businesses and individuals. Everyone should assume cyberattacks are happening and go looking for them. 

Phishing scams are a Christmas and January favourite. Using artificial intelligence, information is gathered from your social media accounts to target you with complex and intricate scams.

Cybersecurity business risk analysis 

Everyone will have some Personal Identifiable Information (PII) kept in an unsecured location. Do some housekeeping. For example, keep tax file numbers and addresses out of Gmail (which is easily hacked) along with: 

  • What client information are you storing? 

  • How are you protecting it? Encryption is critical. 

  • You can be diligent with your information, but what about suppliers?

  • Understand the business consequences of a hack

  • Think about the implications of stolen data. 

“A new guideline has also been released where business directors are responsible for protecting data, and you must have backups and a business continuity plan if your business is hit”, TC Yee, TCD

In addition to not encrypting the data, businesses retaining PII for too long creates additional risk. Optus held old customer information, and they and Medibank did not encrypt customer information. 

If you’re or think you are hacked, stay calm. Start with your own risk analysis. Try the best practices of changing passwords, getting multi-factor authentication and obtaining new IDs with different numbers. Avoid being overwhelmed by “CyberSecurity Anxiety” and turn to an expert for help.

Credit Cards and Payments 

Scammers first look for credit card numbers when they scan data and then anything to accompany that, like bank and identity details. 

It’s a failure (negligence)  and non-compliance for businesses to retain customer credit card numbers. Payment systems are not PCI (Payment Card Industry) compliant if they store credit card details. One of the safest internet payment options is token payment transactions through a digital provider.

Banks hold ultimate responsibility for stolen money, but they assess all claims to determine if the business and individual is responsible for being negligent..

How do I protect my business?

The Australian Cyber Security Centre (ACSC) has developed mitigation strategies to help organisations protect themselves against cyber threats. The most effective strategies are the Essential Eight. We recommend implementing all of them immediately!

Encryption (of stored data) is critical but best left to experts like us. we can also do things like run a dark web search to check whether your emails have been compromised and to establish your cyber security risk profile.

We understand it’s difficult for smaller businesses and individuals with leaner resources to invest in cybersecurity. It’s why The Computer Department is here. We have spent the last three years focusing on research and development in our cybersecurity department to guide you on the latest technology and protect your business from cybersecurity threats. 

 

Your Security is our Priority

Your friendly Support Team

the computer department logo

Speak to us about all your computer needs

This is Part of our Cyber Security awareness educational campaign. Through this training, you will learn awareness and key principles, and best practices to protect yourself, your organisation, and the public from cyber attackers. You will also be equipped with the knowledge to identify potential threats and take action before any damage can occur.

 
TC Yee
Previous

2023 Cyber Security Landscape: Trends and Priorities
Next

Massive Optus Cyber-Attack in 2022: Lessons Learned