Cybercrime shows no signs of slowing down in Australia.
ReportCyber, the Federal Governmentâs online cybercrime reporting service, received close to 94,000 reports in FY2023, according to the Australian Signals Directorate (ASD) Cyber Threat Report 2022-2023.
While attacks on big business may hog the headlines, small enterprises are squarely in the sights of hackers and cyber criminals too.
These individuals are intent on disrupting and defrauding, and their methods are becoming increasingly sophisticated, according to Chief Information Security Officer Alexander Moskvin.
âArtificial intelligence can enable even âjunior hackersâ to create sophisticated social engineering campaigns, featuring fake voice and video,â he says. âEven the smartest and most sceptical of targets can potentially be taken in.â
âAnd itâs easier than ever for perpetrators to home in on potential victims, courtesy of the fact that millions of Australians have had their personal information â email addresses, mobile numbers and personal identity data â leaked to the dark web during the last year.â
Meanwhile, businesses are at increasing risk of supply chain attacks. This kind of attack affords the perpetrators access to the systems and data of the victimâs partners and customers.
More hackers are starting to focus on this section of the âmarketâ â to the point that supply chain attacks may soon be offered as a service on the dark web, Moskvin says.
âArtificial intelligence can enable even âjunior hackersâ to create sophisticated social engineering campaignsâ
Strengthening defences
A major attack can be disruptive and expensive and while cyber insurance may help defray the costs, prevention is always better than cure. There are several ways businesses can strengthen their defences, to help reduce the likelihood of their falling victim.
First among these for SME is adopting the Essential Eight â a series of straightforward mitigation strategies developed by the ASD several years ago. They include patching applications promptly, implementing multi-factor authentication and running regular back-ups.
âTheyâre not fool proof but a small business that implements them across the board can become a much harder target,â Moskvin says. âHackers will be more inclined to look for another victim whose systems offer an easier âinâ.â
While it might not always be a full-time role, appointing a cyber owner is the best way to ensure suitable cyber-security measures are implemented and reviewed regularly.
âUnless someone is accountable for taking the actions, itâs easy for it to be everyoneâs business but nobodyâs task,â Moskvin says.
Keeping an eye on the security posture of your information and communication technology suppliers and partners is also a smart move, Moskvin says.
âUnfortunately, there are plenty of insecure systems on the market, so it pays to do your homework.â
Cover to help your business recover
A major cyber-attack or data breach can be disruptive and expensive. Cyber insurance is there to help your business bounce back and rebuild, should the worst occur.
To find a policy thatâs right for your risk profile, contact your broker or adviser today.
Â
Important notice â Steadfast Group Limited ABN 98 073 659 677
This general information does not take into account your specific objectives, financial situation or needs. It is also not financial advice, nor complete, so please discuss the full details with your insurance broker or adviser as to whether these types of insurance are appropriate for you. Deductibles, exclusions and limits apply. These insurances are issued by various insurers and can differ.