When Being Number 1 Is Not Always Best
Cybersecurity breach, who ya’ gonna call? Who do you blame first when your business network has a security breach. The staff? The IT guy? It is definitely your fault! Did you know Australia was the world’s number 1 in 2016 for security breaches, with 9434 cyber incidents!
What’s the Cost?
Cyber security breaches like viruses, website hijacks and ransomware are expensive to remediate. Most will cost the bottom line at least a week’s lost revenue. Remediation costs will be upward from $3000. The average lost time is 33 hours per breach. I recently witnessed a security breach demonstration. A professional hacker took less than 5 minutes to take over the business network. This was through a Facebook web hijack. I had a business friend defrauded of over $29, 000 when his email services were compromised. His finance department paid an invoice to a Malaysian bank account.
More recently, a retail customer built a sales website for more than $10, 000. The business owner’s staff updated the site content from virus infected systems. The site was soon compromised and had to be taken down and rebuilt. The site was restored from backup at a cost of $4, 000. After they cleaned up, information updates lost took several days to reload.
Who’s to blame?
In all these cases the business owner failed to secure their business. They did not encourage staff to be aware of hijacking and phishing strategies. The owners believe that their IT service provider understood the business. Without a clear security plan for service providers or staff, no action is taken.
The FUD factor!
Business owners appear to be paralysed by the complexity of security.
- what are the critical issues for their business?
- who can they trust?
- why is their business under attack?
- what strategy should you have to remediate their information?
A business model which combines both strategy and technology services is necessary if the owner is to understand the requirements of protecting the business. Without the strategic model, neither the IT guy or the staff know what is critical to protect.
Business owners have been subject to sales-focused solutions. The solutions offered by vendors are based on what they are paid to sell. Service technologists are driven by self-interest. This is either where they get the most return or what they know how to run.
Hooray we’re world Number 1!
Australia is the 2016 winner of the most security breaches. We are number 1 and increasingly owners don’t understand: why them?
- often it is random dumb luck
- staff are targeted if the business profile is high
- trust relations with high profile partners also make a business a target
Most owners have no process or procedures to deal with cyber security. The strategy is implemented by the IT service provider. The remediation is subject to the service providers own timelines and resources.
What to Do now!
When is being number 1 bad? When it’s a cyber-crime ranking of the most hacked business worldwide. How do you get off the top of the cyber security hit list?
- identify the vulnerable areas of your business
- plan how each can be effectively secured
- match the plans to the technologies available
- encourage staff to be involved
- become a model cyber-secure business
An amendment to the Privacy Act will make notification of breaches mandatory by the end of 2018. Businesses will have to have a notification policy or face large fines. Take out Cyber-Liability insurance it’s important to your financial survival.
“The opinions expressed by Smallville Contributors are their own, not those of www.smallville.com.au"
SHARE THIS ARTICLE WITH LIKE MINDED SMALL BUSINESS PEOPLE