Small to medium businesses (SMEs) in Australia are running the risk of becoming cybercrime victims, as new technologies are brought into their businesses, according to a new report from Zurich.
The Global interconnections of cyber risk: impact on small and medium-sized enterprises report (PDF) has warned that while the internet has provided SMEs with "countless benefits", including allowing organisations to handle more customers at the same time and compete with larger companies, SMEs have started to overlook the risks that are involved in using the internet, and it is not just data breaches or theft of trade secrets but larger global shocks.
The warning to SMEs is directed at owners, risk managers, corporate executives, board directors and government officials, which the report says are generally 'not prepared' for the internet of tomorrow.
Zurich head of financial lines Australia and New Zealand, Marc Luginbuehl, said even though the outlook is alarming there are solutions that SMEs can take to minimise their risks from a global system shock.
"An additional problem that is revealing itself is that hackers are now often targeting an SME not for its own value, but because of its connection to bigger business which may be relying on the SME for something critical to its operations," he said.
"Therefore it's never been more valid than now to remind SMEs that, while they should investigate and potentially embrace emerging technologies such as cloud storage, it would be remiss of them not to take great care to understand and mitigate the unique risks that can arise from their implementation."
The report recommended SMEs embrace new technologies such as cloud storage but carefully manage the risks associated with it. For example, it suggested SMEs should conduct periodic drills to review how the company would detect cyber incidents, and how it should best respond to disruptions to ensure the least impact, and examine how suppliers, outsourcing partners, and cloud-service companies expose the company to risks.
Other recommendations for SMEs include improving online security, shifting mentalities from protection towards resilience, and have owners or CEOs step up in the risk management stakes by making time to better understand the technologies that their company relies upon.
"They need to determine how these disruptions could lead them to lose important clients, or potentially even force them into bankruptcy. We should be seeing the desire of conscientious managers to further develop a holistic view on risk and well rounded risk management approaches when exploring potential systemic cyber failures," Luginbuehl said.
Similar cautioning has been offered by the Australian government to young Australians when it comes to dealing with cyber-bullying, in conjunction with the launch of the Australian Communications and Media Authority's (ACMA) Digital Citizens Update, one year on from the launch of the Cybersmart Citizens portal.
The federal government has announced funding of AU$10 million as part of the Enhancing Online Safety for Children policy. Of that, AU$7.5 million will go towards assisting schools in accessing accredited online safety programmes; AU$2.4 million will go towards establishing and operating the Office of the Children's e-Safety Commissioner to take a leadership role in online safety; and AU$0.1 million will support Australian-based research and information campaigns on online safety.
"ACMA research has found that 72 per cent of teens go online more than once a day — the majority on smartphones," said Paul Fletcher, parliamentary secretary to the Minister for Communications. "As young people spend more time online, the updated Cybersmart Citizens portal will provide tools to help address cyber-bullying issues and to help users navigate the online world safely and confidently."
Telstra, Google, and the Commonwealth Bank are among a handful of business that have provided material support for the Cybersmart Citizens portal.