Research conducted by Allcom Networks has revealed almost half of all Australian small and medium business are still under-prepared when it comes to cybercrime, despite recent measures being put in place suggesting the severity of the issue.
The research comes following recent amendments to the Privacy Act, which will see penalties for such activity increase from the current maximum penalty of $2.1 million for serious or repeated breaches to $10 million, or three times the value of any benefit obtained through the misuse of information, or 10 per cent of a company’s annual domestic turnover.
According to Mark Mantakoul, general manager of Allcom Networks, securing one’s business against cybercrimes needs to be top priority, with breaches potentially exposing them to significant financial loss and crippling reputational damage.
“In today’s digital age, every business in any industry is vulnerable as cybercrimes like hacking steadily increase,” Mr Mantakoul said.
“Internationally, we are seeing an increase in the level of sophistication in cyber attacks, including cases where hackers have intercepted emails, manipulated invoices and redirected payments to their own accounts.
“It is no different here – we are increasingly hearing from companies that have been compromised by ransomware or data breaches.
“And unfortunately, most companies take a reactive approach to security, usually only thinking about it after a cybercrime or data breach has occurred which could see them exposed financially and reputationally.
“The message is simple – if they don’t start to take preventative action, Australian businesses are putting themselves at risk.”
Mr Mantakoul said in addition to the potential reputational and financial impact of a cyber attack, the recent amends to the Privacy Act around notifiable data breaches should prompt businesses to think about the issue before it happens.
“Recent amendments to the Privacy Act include an increase in penalties and requirements around notifiable data breaches, which should see businesses introduce measures to not only protect personal information, but focus on those directly affected,” he said.
“Not only could ill-prepared businesses unwittingly release sensitive information but could also face irreparable brand reputation damage and financial penalties if they don’t comply with the mandatory data breach notification requirements.”
“... Today, every business sector is vulnerable as criminal hacking steadily increases – across all industries including financial, law, manufacturing, construction, marketing, IT, health and logistics.
“Based on the data available, our recommendation for businesses is to improve the security of their systems and technologies, increase cyber security awareness throughout the organisation and be prepared to act immediately in the event an attack occurs.”