In the face of more targeted and increasingly complex cyber attacks, strengthening cyber security measures is crucial for Australian businesses.

In the 2021-2022 financial year,  the average cost per cybercrime  reported to the Australian Cyber Security Centre (ACSC) rose to over $39,000 for small businesses and $88,000 for medium-sized businesses. From understanding the different types of threats to implementing effective measures, we aim to empower small business owners with the knowledge and tools they need to safeguard their businesses.



The easy-to-action measures outlined in this blog can assist small businesses in staying protected.

New Research Highlights Small Business Cyber Security Gaps

Cyber Wardens  is an initiative of the Council of Small Business Organisations of Australia, supported by the Australian Government. The initiative is designed to build a cyber-smart small business workforce.

Over the past year, Cyber Wardens has spoken with over 2,000 small business owners and employees about cyber safety. The research indicates every small business is different in their awareness of cyber safety, level of concern, and preparedness to respond to cyber threats.

To assist small businesses in creating a cyber safe environment, the program now offers a range of helpful resources and tools. The Cyber Wardens  eLearning  training course takes 45 minutes to complete on any device and is free to all Australian small businesses.



Read the full Cyber Wardens Research Report for more information.

Five Cyber Security Must-Do’s for Small Businesses in 2024

1. Enable multi-factor authentication (MFA).

Multi-factor authentication (MFA) adds an additional layer of security to your accounts, making it harder for cybercriminals to access them. It is one of the most effective ways to protect your accounts from unauthorised access, so you should use it wherever possible.



Utilising a third-party authenticator app for each online service enhances security by generating unique, time-sensitive codes that are linked to your accounts. Two great options to consider are  Microsoft Authenticator  and  Google Authenticator .

2. Use strong and unique passwords.

Many small businesses encounter cyber attacks due to inadequate password practices. It’s essential to consistently safeguard your accounts with strong passwords or passphrases.



If you have numerous accounts, a password manager functions as a virtual safe for your passwords. It allows you to generate and securely store unique passwords for each of your accounts, removing the burden of memorising them.

3. Regularly update your software.

Ensuring your software remains up to date stands as one of the most effective methods to safeguard your business against cyber attacks. Given that new security vulnerabilities are discovered all the time, it’s imperative not to overlook prompts to update your operating system and other software.



However, if your device or software is outdated, updates may no longer be accessible. If the manufacturer has stopped supporting the product with updates, you should consider upgrading to a newer product to maintain security. Examples of systems that no longer receive major updates are the iPhone 7 and  Microsoft Windows 7 .

4. Educate and prepare your employees.

Employees with good cyber security practices are your first line of defence against cyber attacks. It is essential to implement ongoing, relevant, and engaging security awareness training for everyone in your business.



You might consider educating your employees with a formal course or internal training. However, it’s crucial to note that cyber security training is not a one-time obligation and should be regularly refreshed.

5. Regularly and securely back up your data.

Backing up important information should be a routine or automatic practice within your business. Failing to maintain regular backups could make it impossible to recover your data following a cyber attack.

Numerous methods and products exist for backing up your information. The best option will differ for each business, so speak with an IT professional if you are unsure.



Visit  localsearch.com.au  to find an IT professional in your area.

Bonus Tip

Websites are a key target for cyber attacks

.

Safeguard your website from being hijacked by following some basic security measures:



• Secure your website login with multi-factor authentication or a strong password.
• Regularly update your website’s content management systems and plugins.
• Back up your website regularly so you can restore it in the event of a cyber attack.