Even the smallest business has information or data stored on its computer systems that is essential to its daily operations. Customer files, financial records, employee information, intellectual property – all are vulnerable to theft, alteration or deliberate destruction by outside attackers over digital networks and must be protected.
With every business now connected to the Internet and rapid technological advances such as web-based applications and the increasing use of mobile devices, there are opportunities for cyber criminals to access and compromise their networks and computer systems if these systems are not adequately secured.
Most larger corporations have the resources to invest in comprehensive information security measures to protect their data and systems, and this has seen cyber criminals turn their attention to smaller, less well protected businesses which are easier to access. The statistics on cyber attacks targeting small businesses are alarming:
- in 2018, cyber attacks increased nearly 425% over the previous year
- that same year, 58% of attacks were directed at small businesses
- the average cost of a digital breach to businesses of all sizes is $200,000
- 22% of small businesses that were breached by the 2017 Ransomware attacks were so affected they could not continue operating
- attacks are becoming more frequent, with 40% of affected businesses suffering multiple attacks
Despite this, many small businesses are not properly protected because they perceive that the threat is not serious, or don’t believe they have the resources or time to implement adequate security measures. In fact, 87% of small businesses believe their business is safe from cyber attacks because they use anti-virus software alone.
As part of an effective Information Security system, it is essential to have properly configured firewalls in place to defend against cyber attacks. Software firewalls should be installed and maintained on each computer system in the organisation and a hardware firewall installed between an internal business network and the Internet to block unwanted traffic and malicious communications from entering the internal computer network of the business and potentially causing harm to that business.
The consequences of a cyber attack are not limited to data loss, but can also result in prolonged system outages and disruption to business, loss of reputation and trust, and legal fees due to potential lawsuits as a result of breaches of confidentiality of customer data. Cyber crime costs the Australian economy more than $1 billion annually, and it is the responsibility of every business to take steps to manage the risk of an attack on their computer systems.