When it comes to business cyber risk, laid-back Aussies aren't equipped with the most defensive mindset, says Fergus Brooks, national practice leader of cyber risk at Aon Risk Solutions.
“Australians think ‘We’ll be alright, we haven’t been hacked and it won’t happen any time soon’,” says Brooks, who spent 20 years in the IT sector before moving to the global insurance-broking firm.
The irony is, however, that many who believe she'll be right could already be compromised, as the average time it takes to detect a data breach is 210 days.
Another trap Aussie professional services fall into is thinking they’re too small a target for cyber criminals to bother.
Yet research shows businesses with 10,000 records have approximately a 26 per cent chance of experiencing a data breach over two years, while companies with over 100,000 records have a probability of less than one per cent.
“Large companies tend to have intrusion detection systems. Criminals don’t tend to go after someone who's actually watching. That makes SMEs an easier target,” Brooks says.
“Plus, criminals don't discriminate – they don't care if you’re a psychiatrist with just 50 people's health records. If they can sell them on the dark market for $200 a pop, it's worth it.”
Australia's increasing reliance on networks, cloud technology and computing systems is only further exposing organisations to cyber-crime.
“We've really seen organised crime take the bull by the horns in terms of monetising their crime,” Brooks explains.
The big scores are credit card details and health records, he notes, but any business connected to the internet is a target. For example, hackers can seize control of your system and records, only releasing them if you cough up a $10,000 ransom within 72 hours. Or not: It’s new-age Russian Roulette.
Another trend shaking up the IT security world is the Internet of Things (IoT), an interconnected system incorporating everything from a smart watch, to an industrial control system for a power plant, to a driverless car.
“Devices have become so ubiquitous. We each have three or four internet-connected devices, and the only unhackable device is one that isn't connected to the internet,” Brooks notes.
Then there's the cloud. One misguided line Brooks often hears from SMEs is “our stuff is in the cloud, so we'll be ok”.
“I always tell them ‘no, you can't be completely secure. Because if you were, you’d be better than the FBI, Google and IBM – all of which have been hacked’,” he explains.
Social media, combined with heightened media attention to breaches, means your business reputation has never been more exposed. In fact, businesses that lose confidential information to hackers suffer about an 18 per cent decline in brand value.
“If you’re a trusted adviser, as professional service firms are to their customers, there’s going to be an element of breach of trust,” says Brooks.
Then there are also potential costs for business interruption, customer notification, lawyers, public relations experts, credit card monitoring services, fines and penalties from the privacy commissioner, and soon a mandatory breach notification.
While Aon’s 2015 Global Cyber Impact Report shows that 59 per cent of large corporates that suffer a cyber attack lose between $1 million and $100m in business interruption expenses alone, the consequences for your average Australian SME aren’t particularly palatable either.
For example, Brooks says the notorious ransomware trojan CryptoLocker, which is propagated via infected email attachments, usually costs an Australian SME about $20,000 - not an amount to be sneezed at when it could be covered with an insurance premium of about $1000.
Whether you’re in the ASX 500, or a plain old mum and dad operation selling knitwear patterns online, it's important to have a cyber incident response plan ready to go - even if you don’t take out cyber insurance coverage.
“It only has to be a one-page document that you and your staff can refer to if you find out you've lost valuable customer information, or have an extortion attempt,” Brooks says.
The beauty of a good cyber crime insurance policy, adds Brooks, is it includes an incident response team that moves in quickly to contain the damage.
“There's a number to call and all of a sudden you've got people there to help you - lawyers, credit monitoring services, etc - so you're not running around making mistakes,” he says.
The other crucial element of a cyber insurance policy is third party coverage.
“That includes fines, penalties, notification costs, as well as the cost of business interruption,” says Brooks.
“Those are the two key components of a good cyber policy. Traditionally we would have said get a decent firewall and put in anti-virus. But everyone knows that now.”
Regardless of whether it's feasible for your business to take out cyber insurance, Brooks says it's important to at least consider the financial implications a breach would have on your business, as well as ways to deter attacks and minimise damage.
“I'm completely biased, but I've seen some pretty crippling incidents. I've also seen some pretty bad IT infrastructure that's just dying to be compromised,” he says.
“Something will happen at some stage, it's just a matter of how severe and how well you handle it.”
The articles represent the views of the authors and not necessarily that of the Bank. You should seek independent professional advice before acting on any matters set out in the articles.
This article was originally published on Westpac's Business Focus on February 9.
{"topicSelector":[{"tagId":"newsroom:topics/economy","name":"economy","description":"Explore more Economy insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Economy","url":"/news/topic.economy/"},{"tagId":"newsroom:topics/banking","name":"banking","description":"Explore more Banking insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Banking","url":"/news/topic.banking/"},{"tagId":"newsroom:topics/digital","name":"digital","description":"Explore more Digital insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Digital","url":"/news/topic.digital/"},{"tagId":"newsroom:topics/workplace","name":"workplace","description":"Explore more workplace insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Workplace","url":"/news/topic.workplace/"},{"tagId":"newsroom:topics/diversity","name":"diversity","description":"Explore more Diversity insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Diversity","url":"/news/topic.diversity/"},{"tagId":"newsroom:topics/sustainability","name":"sustainability","description":"Explore more sustainability insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Sustainability","url":"/news/topic.sustainability/"},{"tagId":"newsroom:topics/technology","name":"technology","description":"Explore more Technology insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Technology","url":"/news/topic.technology/"},{"tagId":"newsroom:topics/community","name":"community","description":"Explore more community insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Community","url":"/news/topic.community/"},{"tagId":"newsroom:topics/property","name":"property","description":"Explore more Property insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Property","url":"/news/topic.property/"},{"tagId":"newsroom:topics/innovators","name":"innovators","description":"Explore more Innovators insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Innovators","url":"/news/topic.innovators/"},{"tagId":"newsroom:topics/sme","name":"sme","description":"Explore more Small Medium Enterprise insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"SME","url":"/news/topic.sme/"},{"tagId":"newsroom:topics/westpac","name":"westpac","description":"Stories featuring Westpac corporate news.","title":"Westpac","url":"/news/topic.westpac/"},{"tagId":"newsroom:topics/leadership","name":"leadership","description":"Explore more Leadership insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Leadership","url":"/news/topic.leadership/"},{"tagId":"newsroom:topics/covid19","name":"covid19","description":"Stories influenced by the COVID-19 pandemic.","title":"COVID-19","url":"/news/topic.covid19/"},{"tagId":"newsroom:topics/investing","name":"investing","description":"Explore more Innovators insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Investing","url":"/news/topic.investing/"},{"tagId":"newsroom:topics/startups","name":"startups","description":"Explore more Startups insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Startups","url":"/news/topic.startups/"},{"tagId":"newsroom:topics/agribusiness","name":"agribusiness","description":"Explore more Agribusiness insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Agribusiness","url":"/news/topic.agribusiness/"},{"tagId":"newsroom:topics/billsbites","name":"billsbites","description":"Explore more insights from Bill Evans at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Bill\u0027s Bites","url":"/news/topic.billsbites/"},{"tagId":"newsroom:topics/data","name":"data","description":"Explore more data insights at Westpac Wire.","title":"Data","url":"/news/topic.data/"},{"tagId":"newsroom:topics/personalfinance","name":"personalfinance","description":"Explore more insights about personal finance, financial literacy and financial wellbeing. ","title":"Personal finance","url":"/news/topic.personalfinance/"},{"tagId":"newsroom:topics/payments","name":"payments","description":"Explore more Payments insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Payments","url":"/news/topic.payments/"},{"tagId":"newsroom:topics/environment","name":"environment","description":"Explore more Environment insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Environment","url":"/news/topic.environment/"},{"tagId":"newsroom:topics/fintech","name":"fintech","description":"Explore more Fintech insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Fintech","url":"/news/topic.fintech/"},{"tagId":"newsroom:topics/scams","name":"scams","description":"Stories about the latest cyber scams news and trends. ","title":"Scams","url":"/news/topic.scams/"},{"tagId":"newsroom:topics/politics","name":"politics","description":"Explore more Politics insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Politics","url":"/news/topic.politics/"},{"tagId":"newsroom:topics/regulation","name":"regulation","description":"Explore more Regulation insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Regulation","url":"/news/topic.regulation/"},{"tagId":"newsroom:topics/career","name":"career","description":"Stories providing career insights, tips and trends.","title":"Career","url":"/news/topic.career/"},{"tagId":"newsroom:topics/social-enterprise","name":"social-enterprise","description":"Stories relevant to or featuring social enterprises.","title":"Social enterprise","url":"/news/topic.social-enterprise/"},{"tagId":"newsroom:topics/indigenous","name":"indigenous","description":"Explore more indigenous insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Indigenous","url":"/news/topic.indigenous/"},{"tagId":"newsroom:topics/superannuation","name":"superannuation","description":"Explore more Superannuation insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Superannuation","url":"/news/topic.superannuation/"},{"tagId":"newsroom:topics/wellbeing","name":"wellbeing","description":"Stories featuring wellbeing trends, insights and stories.","title":"Wellbeing","url":"/news/topic.wellbeing/"},{"tagId":"newsroom:topics/reinventure","name":"reinventure","description":"Explore more Reinventure insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Reinventure","url":"/news/topic.reinventure/"},{"tagId":"newsroom:topics/westpac-scholars","name":"westpac-scholars","description":"Stories featuring Westpac Scholars. ","title":"Westpac Scholars","url":"/news/topic.westpac-scholars/"},{"tagId":"newsroom:topics/asia","name":"asia","description":"Explore more Asia insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Asia","url":"/news/topic.asia/"},{"tagId":"newsroom:topics/podcast","name":"podcast","description":"Explore Westpac Wire\u0027s podcast series.","title":"Podcast","url":"/news/topic.podcast/"},{"tagId":"newsroom:topics/businesses-of-tomorrow","name":"businesses-of-tomorrow","description":"Stories featuring Westpac Businesses of Tomorrow program winners. ","title":"Westpac Businesses of Tomorrow","url":"/news/topic.businesses-of-tomorrow/"},{"tagId":"newsroom:topics/history","name":"history","description":"Stories unearthed from Westpac\u0027s private archival collection. ","title":"History","url":"/news/topic.history/"},{"tagId":"newsroom:topics/tax","name":"tax","description":"Explore more tax insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Tax","url":"/news/topic.tax/"},{"tagId":"newsroom:topics/opinion","name":"opinion","description":"Expert opinions and insights. ","title":"Opinion","url":"/news/topic.opinion/"},{"tagId":"newsroom:topics/goodpair","name":"goodpair","description":"Explore more Good Pair stories, showing two people making a big difference together. ","title":"Good Pair","url":"/news/topic.goodpair/"},{"tagId":"newsroom:topics/deals","name":"deals","description":"Explore more Deals insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Deals","url":"/news/topic.deals/"},{"tagId":"newsroom:topics/analysis","name":"analysis","description":"Expert analysis on economic news and other trends.","title":"Analysis","url":"/news/topic.analysis/"},{"tagId":"newsroom:topics/IWD","name":"IWD","description":"Stories focusing on International Women\u0027s Day, on 8 March annually. ","title":"IWD ","url":"/news/topic.IWD/"},{"tagId":"newsroom:topics/currencies","name":"currencies","description":"Stories providing currencies insights, tips and trends.","title":"Currencies","url":"/news/topic.currencies/"},{"tagId":"newsroom:topics/veterans","name":"veterans","description":"Explore more insights about defence force veterans at Westpac Wire.","title":"Veterans","url":"/news/topic.veterans/"},{"tagId":"newsroom:topics/rework","name":"rework","description":"Stories of businesses pivoting in the face of the COVID-19 pandemic.","title":"Rework","url":"/news/topic.rework/"},{"tagId":"newsroom:topics/luciscall","name":"luciscall","description":"Explore more insights from Westpac\u0027s chief economist Luci Ellis at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Luci\u0027s Call","url":"/news/topic.luciscall/"},{"tagId":"newsroom:topics/10Qs","name":"10Qs","description":"\"10Qs with...\" is a series that asks leaders what makes them tick.","title":"10Qs","url":"/news/topic.10Qs/"},{"tagId":"newsroom:topics/quarterlife","name":"quarterlife","description":"Explore more Quarter Life insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Quarter Life","url":"/news/topic.quarterlife/"},{"tagId":"newsroom:topics/commodities","name":"commodities","description":"Insights into commodities markets.","title":"Commodities","url":"/news/topic.commodities/"},{"tagId":"newsroom:topics/shareholders","name":"shareholders","description":"Stories relevant to Westpac shareholders.","title":"Shareholders","url":"/news/topic.shareholders/"},{"tagId":"newsroom:topics/climate","name":"climate","description":"Explore more climate insights at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"Climate ","url":"/news/topic.climate/"},{"tagId":"newsroom:topics/esg","name":"esg","description":"Explore more insights on environmental, social and governance issues at Westpac Wire. Subscribe to the Westpac Wire newsletter to stay in the know.","title":"ESG","url":"/news/topic.esg/"},{"tagId":"newsroom:topics/boardwalk","name":"boardwalk","description":"A series of in-depth podcast interviews with board directors to find out what\u0027s on their minds. ","title":"Board Walk","url":"/news/topic.boardwalk/"}]}
