The cost of cybercrime to businesses in Australia is rising exponentially, costing Australians an estimated $1 billion each year. A new report specifically investigating cyber security awareness amongst small and medium-sized enterprises (SMEs) across Australia has been released. 

The report is the result of a partnership between the Office of the NSW Small Business Commissioner and the Victorian, South Australian and Western Australian Small Business Commissioners, the Queensland Small Business Champion, and the Australian Small Business and Family Enterprise Ombudsman.

The national survey focused on SMEs across Australia— businesses employing fewer than 200 full-time equivalent employees. This resulted in a total of 1019 respondents. The survey provides evidence-based insights that will enable governments to increase cyber security awareness for small businesses, with the ultimate aim of making Australia a safer place for small businesses to conduct business online.

Cybercrime is a dishonest or criminal activity online or by phone that can include instances of deceptive conduct. Incidents include distribution of malicious software or viruses; online or phone scams; theft of critical business information; fake over payments; fake invoicing; and hacking a business in order to obtain customer details, or as a way to gain access to a supplier’s computer network.

Globally, cybercrime costs businesses more than $3 trillion annually and it is anticipated that by 2021 this will exceed $6 trillion.

According to the survey, 42 per cent of SMEs nationwide believe they can protect their business from cybercrime by limiting their online presence, overlooking some of the significant economic benefits of a greater presence online. 

Despite this, 55% per cent of SME owner-operators continue to unknowingly expose themselves to cybersecurity risks through their most frequented online activities—sending and receiving emails and operating social media.

The national survey shows that 40 per cent of cybercrime events are costing between $1,000 and $5,000 and for two out of every three businesses these costs are not recovered.

What can you do to protect your business? The report suggests a few simple things businesses should do. 

•    Keep software applications up-to-date by enabling automatic updates to install latest security patches. 
•    Move your corporate emails to a cloud-based email service and resist the temptation to blend personal and business accounts, keeping higher-risk personal subscriptions separate. 
•    Train up your team with toolbox talks to speak up about suspicious emails. 
•    Back up business data to a separate and secure location, such as a cloud based service or external hard drive. Do it regularly and verify backups are correct. 
•    Install security software so as to prevent unauthorized connections and scan regularly for malware.
•    Use a catchphrase or passphrase, rather than just a password, and use a password management system. 

NSW Small Business Commissioner Robyn Hobbs said “There’s no doubt cybercrime is a risk which is why it’s so important that small businesses get informed, make a plan, engage with their service providers, and make the most of resources like the Australian government's StaySmartOnline service.”

“The survey found that many SMEs still don’t know where to get help to respond to cybercrime events so I’ll be working together with Small Business Commissioners in other states and with the Australian Government to help raise awareness,” she said.

View the full report here.