Growth Customer Experience Productivity Business IQ Trends Success Stories Tech Solutions Awards Business Tools Subscribe Tech Enquiry

Cyber security: Is your business cyber-secure? Take our interactive quiz

Smarter Writer
Smarter Team

The Smarter Team is made up of business and technology journalists who write to offer insights to small and medium businesses about technology, business know-how and emerging trends.

Smarter Writer
Smarter Team

The Smarter Team is made up of business and technology journalists who write to offer insights to small and medium businesses about technology, business know-how and emerging trends.

Key findings of the Telstra Security Report 2019
  • Since the introduction of the Notifiable Data Breaches Scheme and the General Data Protection Regulation (GDPR) 55% of organisations believe that have been fined for being in breach of such legislations.
  • 1 in 4 business don’t have an incident response plan in place to deal with damaging cyber-attacks when they happen.
  • 65% of Australian businesses were interrupted due to a breach last year, with 89% saying they have had breaches go undetected.
  • 83% of organisations spend up to 20% of their IT budget on security.

Cyber security is a hot topic across the business world. Whether your business is big, small, or somewhere in between, data protection is now essential for you to gain and maintain trust.

Recent changes here in Australia to the Privacy Act 2018, have focussed the spotlight on cyber security. As a business owner, now is the time to explore how to best protect yourself; your customers, suppliers, and partners will want the assurance that you’re keeping their data safe. So now instead of a general expense, cyber security is both a selling point and a must-have.

Cyber security quiz

  • If your business was subject to a ransomware attack, would you pay the demand?

    • Yes, I need my business back online ASAP.
    • No, I can safely restore my data to a new device from the cloud.
    • Yes, but I’d then look into ways to protect my business from future attacks.
    • I don’t think it would happen. My business is too small for attacks.
    A B C D
    High Risk
    Medium Risk
    Medium Risk
    Low Risk
    Did you know that ransomware is a type of malware (malicious software) that infects your computer or device and demands a ransom? It works by preventing access to your all-important files. There are a few types – non-encrypting, encrypting, leakware (doxware), and mobile ransomware. These can collect your personal details, attack other computers in your network, or can corrupt all your data.

    While paying the demand might get your data back, it’s only a temporary solution and once a business is hacked, they usually experience ongoing issues. As the saying goes: prevention is better than cure. If your system has been infected, you’ll need a complete rebuild of the operating system and restoration of information from a secure backup.
  • To protect your business, do you have antivirus software installed?

    • Yes, my computer came with it pre-installed.
    • Yes, I purchased antivirus software when I purchased my computer.
    • No, I don’t need it – I have a Mac.
    • No, I use in-built protection.
    A B C D
    Low Risk
    Low Risk
    High Risk
    High Risk
    To shore up your cyber security, it takes more than checking antivirus software is installed on your business’s computers. Every day, technological advancement presents us all the challenge of keeping up with the changes – and tech is changing at an ever-faster rate.

    Increased adoption of the cloud and mobile connectivity has raised new challenges for SMBs. Broadly, endpoint protection like McAfee Endpoint Protection Essential for SMB is the standard for small-to-medium businesses, and its variants generally include cloud management, antivirus, anti-spyware, endpoint firewall, and web control.
  • Do you have antivirus installed on your mobile devices like your tablet and phone?

    • I don’t need anything for my phone.
    • My main computer has protection – that’s adequate.
    • Yes, I have additional endpoint protection.
    • In a way. I have a data management program so I can erase my data remotely if needed.
    A B C D
    Medium Risk
    Medium Risk
    Low Risk
    Medium Risk
    Should SMB smartphones and tablets have dedicated antivirus installed? The answer isn’t yes or no, it depends on the scope of protection your business needs. Your network’s cybersecurity is only as strong as its weakest link, whether that’s an untrained staff member or an outdated smartphone. Again, this is where endpoint security can come in – that integrated combination of cloud management, anti-virus, anti-spyware, endpoint firewall, and web control.

    This approach when combined with a mobile device management tool – a product which restricts the features of the smartphone or tablet to stop, for example, the installation of an app that might be infected – is a robust duo. If you make the decision to adopt neither of these options, dedicated antivirus on your devices should be the bare minimum.
  • Are you aware of your requirements to report data breaches under the Federal Government’s Privacy Act 2018?

    • This only applies to businesses bigger than mine.
    • No. What legislation?
    • I’m aware of it but I’m unsure of my specific obligations.
    • Yes, and I have systems in place that safeguard my data.
    A B C D
    Low Risk
    High Risk
    Medium Risk
    Low Risk
    The latest report from the Office of the Australian Information Commissioner paints a picture that all SMBs need to see. A year into one of the key functions of the Act, the country’s notifiable data breach scheme, the office has received 812 reports where consumer data has been lost, stolen or shared with the wrong people. Almost half, 47 per cent, have involved financial details. The most common causes of breaches are malicious attacks, human error, and system faults. All organisations covered by the act must log a report when a data breach might cause harm.
  • Are your employees’ devices protected?

    • Yes, they are supplied equipment with integrated protection.
    • I don’t know, they use their own personal devices at work.
    • They don’t work on the main server, so I don’t think they need it.
    • Yes, they all have endpoint protection on the devices they use to interact with the business.
    A B C D
    Low Risk
    High Risk
    Medium Risk
    Low Risk
    A good rule of thumb is that any device working on a network or server is a potential entry point for a cybersecurity breach. Antivirus or anti-malware is just the tip of the iceberg when it comes to device protection, and endpoint protection combined with mobile device management is a good foundation.

    You can take it one step further with additional security. Features like containerisation (putting a wall between an employee’s work and personal usage), remote wipe (to erase sensitive data if the device is compromised or a device is lost), anti-spam products (for text or call spam), and sim monitoring products (which can alert you to smartphone or device in the wrong hands), might be the extra help you need.
  • Do you have email and internet browser security add-ons installed?

    • Yes. I use whitelists, prefilters, and password agents.
    • I don’t think so. But I do keep my passwords safe and regularly change them.
    • No. But I’m aware of the fact that browser settings can help block 3rd party cookies.
    • No. I think my passwords are enough.
    A B C D
    Low Risk
    Medium Risk
    Medium Risk
    High Risk
    A white-list is a list of email addresses or domains that your security software will allow data from. In a sense, it’s the inverse of a spam filter, which will actively block addresses or domains you don’t wish to hear from. A pre-filter redirects mail via a filtering server that sorts your mail. While a reputable password agent will create robust passwords for your use online, and pop-up blockers will keep you away from nefarious websites.
  • What is your practice when it comes to scanning for malware and viruses?

    • I make sure that both scans are scheduled daily.
    • I have scans scheduled for roughly once per week.
    • My antivirus and malware are set to manual. I run scans when I remember to.
    • I don’t run scans, as far as I know. I figure the software will do the job.
    A B C D
    Low Risk
    Medium Risk
    High Risk
    High Risk
    Scanning is only effective if your equipment’s software is up to date, including the operating system. Matthew Wilson, CEO of Australian cybersecurity specialist Penten, says: "Installing security updates is the number one control that needs to be in place for organisations, as it will neutralise many of the threats that you face. Malware only works because there’s a vulnerability in the software, and often it’s a published vulnerability which has already been fixed in the latest update. Attackers are simply relying on the fact that many businesses fail to install these updates."

Secure your business. Download the Telstra Security Report 2019.

For comprehensive analysis and essential information and insights into cyber security today, get the Telstra Security Report 2019.

Unlock your insights now.

By subscribing here you consent to receiving marketing from Smarter Business™ separate to any preferences you may have with Telstra. You will continue to receive marketing communications from Smarter Business™ unless you unsubscribe. You may continue to receive marketing communications from Telstra until you unsubscribe using the contact information in our privacy statement.

By submitting this form you are consenting to Smarter Business™, Telstra or a third party contacting you, including by telephone, about products offered through Telstra. Your name and other details provided will be collected, stored and may be used for online targeted advertising by Smarter Business™ and Telstra in accordance with our privacy statement.

Twitter Headquarters San Francisco Canteen
Business IQ
Business IQ
Leadership lessons from Airbnb and Twitter

Airbnb and Twitter both can offer some brilliant lessons in scaling up to achieve global supremacy. Though as Morris Kaplan explains, leaders of fast-growth companies rarely ge...

woman sat on desk whilst hugging latptop screen
Tech Solutions
Tech Solutions
How Cloud computing can really save your business

IT experts have been praising the cost savings and productivity boosts of cloud storage technology for years. But what does that mean for small businesses in the real world? It...

Christmas criminal Christmas present
Business IQ
Business IQ
Steer clear of net nasties this christmas

Think twice before opening that digital Christmas card or clicking on that festive-looking link, internet security experts and consumer authorities warn. That animated Santa Cl...

dog
Customer Experience
Customer Experience
How to inspire customer loyalty

A customer loyalty program is much more than a card-based reward system. It's a way to create brand fanatics. 2018 research by Mastercard shows that 9 out of 10 Australians bel...