Getting to grips with cyber risk

Posted by Jillian Stewart on Oct 19, 2018 1:15:46 PM
Jillian Stewart


Cyber attacks are a real risk for SMEs. A cyber attack is a breach of a computer system by an outside party with the aim of stealing sensitive data. Cyber criminals can target individuals, organisations, companies or governments. Cyber crime caused direct financial losses to NZ businesses of over $1.5M in AprilJune 2018 according to CERT NZ (Computer Emergency Response Team New Zealand). 

Cyber threat is huge for SMEs
Cyber attacks are a threat to all businesses, of all sizes. But when it comes to SMEs, how big is the risk? Big, and getting bigger. A 2018 NZ cyber security survey found that 24% of SMEs experienced a cyber threat in 2017 (compared to 18% the previous year) and the average cost of cyber crime exceeded $15,500. 
Cyber criminals target SMEs because they have more digital assets than individuals but less security. SMEs underestimate their risk level and therefore have a tendency not to invest in cyber security. So, even as cyber attacks on small businesses increase, many businesses remain unprepared. This is partly because the media focus is on major corporate data breaches, meaning a lot of small businesses are unaware that they are being targeted by cyber criminals. But sub-optimal security practices are exposing smaller businesses daily to cyber attacks that compromise data and IT infrastructure.
How real is cyber risk for me?
The short answer is if your business is not adequately protected, it is exposed to attack by cyber criminals. Is your business connected to the internet? If it is, it’s vulnerable. And faster internet and more connectivity mean more cyber security threats. Comprehending this reality and then getting to grips with the basics are the first steps towards getting prepared.
Understanding cyber threats 
The end goal of a cyber attack is to steal and exploit sensitive data. In their IT systems SMEs hold their own critical data that may include any or all of the following:
  • Intellectual property – from new products or services in the pipeline to new business ideas 
  • Employee details
  • Accounts information 
  • Passwords
  • Supplier information 
  • Customer details (including credit card and/or other numbers)
All this data is commercially sensitive and puts SMEs at significant risk of a cyber attack. Businesses must ensure they are adequately protecting their sensitive data. Customers expect reliability and trustworthiness. In the event of a data breach, customers lose trust, competitors potentially gain an advantage, and criminals have access to the company’s financial information. SMEs must safeguard their future success by safeguarding their data. To safeguard data, businesses need to identify the particular cyber threats that they are exposed to. 
How can you reduce your risk and reduce insurance premiums?
With Dacreed's powerful online compliance training you can train managers and staff in cyber security. Once completed, you'll be able to demonstrate a lower risk profile to our partner insurers and get lower premiums - saving you and your business money.

Topics: Cybersecurity

Proactively train your staff in AML/CFT

With the Dacreed online compliance training system you can:

  • assess your team’s knowledge, application and retention of AML/CFT training
  • keep track of your team’s completion dates and completion rates
  • tailor the training for different employees depending on their roles and tasks