HLB Mann Judd claims that when it comes to reacting to cyber security issues, the local SME sector falls behind its international counterparts.
According to Kapil Kukreja, a partner at the firm’s Melbourne office, this is partial because small firms are not compelled to report computer intrusions.
Particularly in Australia, where organizations with an annual turnover of more than $3 million are required to disclose cyberattacks under the Mandatory Reporting of Data Breaches Act. Businesses with an annual revenue of under $3 million are not required to, nevertheless.
Given that 99.8% of Australian firms are small and medium-sized enterprises, Mr. Kukreja said, “it does create a big mismatch in recognizing the real amount of cybercrime across the country.”
Also Read: How India’s Trade Deals With UAE And Australia Will Affect MSME Exports
“In other cases, SMEs that were the target of a cyber security assault failed within six months. Business owners must take greater responsibility for their operations and make sure they are protected against an attack.
While pointing out that there is an opportunity for development in every industry, Mr. Kukreja noted this is especially true for SMEs.
He asserts that every company should devote 1% to 5% of its annual revenue on cyber security.
The complexity of the firm’s systems, the nature of the business, and other considerations will all affect how this guidance is used. It’s about smart expenditure and it can’t be an afterthought, he said, adding that the issue for SMEs is that they need to put aside money in addition to having a defined cyber strategy and response plan.
Mr. Kukreja gave the SMEs the advice below for preventing a cyber breach:
- Make the board and others in charge of governance responsible for cyber security; it is a strategic governance problem and not only the job of the IT department.
- As advised by the Australian Signals Directorate (ASD), advises all Australian firms, to use the Essential Eight framework to increase their baseline of cyber security and resilience.
- Implement cyber security solutions.
- Consider running a stress test; there are businesses that can mimic a hack of a company to find IT infrastructure weaknesses.
- Forbid all workers from downloading any applications or software. Every unapproved app or piece of software offers a hacker a chance.
- Review the data that must be gathered and retained on customers and suppliers, and remove anything that is no longer necessary or relevant.
Also Read: SMEs Receive Over Rs 500 Million In Loans From TradeIndia In Six Months