Article | Performance & Productivity

Cybersecurity Critical for Business Functionality

Much has been said about the importance of cybersecurity over the years. In 2020, businesses of all makes and sizes generally have some manner of a cybersecurity framework. However, Gartner projections have showed slowing growth in cybersecurity spend, as executives grow frustrated at changing regulations and question the return on investment after years of heavy spending.ⁱ

This trend among businesses is concerning. With every new system or device that is connected to the internet, the potential and success for a cyber-attack is continuing to grow. Furthermore, businesses can’t afford to slacken on their cybersecurity spend as cyber criminals are becoming more sophisticated and increasingly ambitious in their attacks.

As the lines blur between business models and the technology that supports them, business leaders across the spectrum need to recognise the security priorities that impact their business outcomes. For today’s cybersecurity decisions will shape tomorrow’s success and resilience.

Cyber attacks cost Aussie businesses up to $300 million a year

Cybersecurity is critical to any business no matter its size. From email correspondence and paying invoices, to collaborative work documents and spreadsheets, businesses rely on technology in order to be constantly connected. However, when these connections are threatened or compromised, it can have a disastrous effect on the business. Small businesses are especially susceptible as nearly half of all cybersecurity attacks targeted at SMBs, leaving 88% of SMB decision makers feeling vulnerable.ⁱⁱ

Cybersecurity is about protecting business technology and information from attacks that can result in accidental or illegal access including theft, damage or corruption.

Today, attacks take a variety of forms including:

• Phishing – fake messages to trick staff into giving out private personal, commercial or financial details.
• Pharming – malicious codes or links that takes one to a fake version of a legitimate website.
• Malware – malicious software to steal confidential information or install damaging programs without any knowledge.
• Ransomware – a type of malware that holds a system or device to ransom in order to unlock said device.
• Imposter scams – whereby someone pretends to be someone of power within a business like a CEO or a supplier asking for payment or to make a purchase.

Cyber-attacks cost Australian business up to $300 million per year.ⁱⁱⁱ Not only do they cause significant financial damage; they also carry reputational risk. Cyber-attacks can damage a business' reputation and erode customer trust.

Having effective and constant cybersecurity is important for all businesses of all makes and sizes. Businesses can best build their cybersecurity by taking it into account in their overall business decisions, rather than the traditional consideration of cybersecurity as a mere extension of IT.

Information security and its importance

In our increasingly interconnected environment accelerated by COVID-19 and the move to work from home, information is exposed to a growing number and wider variety of risks. For many companies, information and data is their most important asset, so protecting it from these diverse risks is essential. Furthermore, unsecure customer data, if leaked, can incur massive losses, potential lawsuits and substantial financial penalties

Information security is important as it protects information from unauthorised access, use, disclosure, disruption, modification or destruction. Today, both management and IT are responsible for the information security strategy. However, in SMBs this job may sit with just one person. For smaller enterprises, investing in a Managed Service Provider (MSP) may make all the difference, as they can safeguard company data around the clock through real-time protection.

Best practices

There are many things businesses can do to ensure they have a robust cybersecurity strategy. These include backing up data, securing all devices, keeping all software updated and encrypting all important information.

A key method to improve cybersecurity readiness by treating it as a choice and a business decision. Create adequate, reasonable, consistent, and effective controls that are credible and defensible with key stakeholders and customers. This can be done by using Gartner’s ‘CARE Standard for Cybersecurity’.

The CARE standard supports a balance between cyber protection and regular business decisions. It is also an incentive to build a better security capability that delivers better outcome and not just blindly spending money on security.

For SMBs, consider a Managed Service Provider like Lenovo. With an MSP, businesses are protected at all hours of the day through round the clock security. With real-time protection, business owners can focus on the day to day, instead of worrying about a breach. In addition, an MSP can pro-actively monitor security situations, instead of only responding once a critical security event arises.

 

---

_{ⁱ Gartner. “Gartner Forecasts Worldwide Security and Risk Management Spending Growth to Slow but Remain Positive in 2020” - https://www.gartner.com/en/newsroom/press-releases/2020-06-17-gartner-forecasts-worldwide-security-and-risk-managem
ⁱⁱ Small Biz Trends. “Small Business Cyber Attack Statistics.”
ⁱⁱⁱ Cyber Security and Australian Small Businesses - https://www.cyber.gov.au/sites/default/files/2020-07/ACSC%20Small%20Business%20Survey%20Report.pdf}