In recent years Cybersecurity risks have become more prominent in the minds of business owners. The World events of 2020 have only exacerbated this risk with the swift changes that were made to the working conditions of employees in all industries. In the last 6 months Cyber attacks have become even more pervasive and sophisticated with Cyber criminals determined to take advantage of our changed working conditions.
Whilst we know Cyber attacks on our business systems are a major risk, we are often unsure of how to measure the risk within our business. In recent years, our methods of measuring cyber risk have evolved with much thanks to credit rating agencies, investors, and insurance companies.
Many experts believe that the time has come to not just measure the risk based on third-party evaluations but holistic assessments that consider technical analysis, governance, culture, and the financial impact of adverse cyber events. Such assessments would enable executives to establish their company’s tolerance for cyber risk, define the outcomes that are most important in guiding cybersecurity investment, and be able to foster a culture of cybersecurity and resilience.
At its most basic level, a third-party cyber risk assessment shows how well a company has implemented defences designed to protect it from a cyber-attack, whether it is a disruption of its products and services, a breach of its confidential data, or fraud driven by a cyberattack. These assessments also measure how well a company has prepared itself to defend against and recover from such attacks — its cyber resilience. This is a critical component of its broader enterprise risk-management strategy.
Given the increasing focus on Cyber Security it was encouraging to see the Government releasing their Cyber Security Strategy. They have provided a funding commitment of $63.2 million to support businesses in the SME sector. This support will encompass the following initiatives:
- Expansion of the ACSC’s 24/7 cyber security hotline to provide cyber security advice and technical assistance.
- New Cyber Security Connect and Protect Program to equip organisations to raise the cyber security of local SMEs.
- Placement of outreach officers in Joint Cyber Security Centres.
- Roll-out of threat-blocking technology to counter known malicious cyber threats before they reach consumers and businesses.
- ACSC Small Business Cyber Security Guide providing tailored advice to protect against the most common cyber security incidents.
- ACSC Step-by-Step and Quick Wins Guides
- ACSC Stay Smart Online Program to promote best practice cyber security advice.
- Cyber security awareness toolkits published on gov.au.
- Dedicated online cyber security training program for SME’s hosted on cyber.gov.au.
- Strengthened law enforcement capabilities to identify and disrupt cyber criminals targeting Australian businesses.
These measures will help small to medium size businesses to become more risk aware and take measures to prevent the debilitating effects of a Cyber-attack.
One of the key features of Cyber Insurance is an incident response team who can best assist you in dealing with a cyber attack and get your business operational again. This can be invaluable to a small business who can’t afford to be offline for a lengthy amount of time.
Barrack Broking is here to assist
If you have any queries regarding Cyber Security, risk consulting and Enterprise Risk Management, contact us for a confidential discussion: Phone 02 9191 7320 or email [email protected].
