Research reveals extent of SMEs’ vulnerability to cyber attacks

Research reveals SMEs cyber attacks common / Inside Franchise Business Executive
Research reveals SMEs cyber attacks common / Inside Franchise Business Executive

New research reveals that 49 per cent of Australian small and medium-sized businesses have experienced a cyber attack in the last 12 months.

In the wake of these attacks, 25 per cent of SMEs lost data, 17 per cent had to shut operations until the issue was fixed, and eight per cent had to pay ransom to end the attack.

Phishing (30 per cent) was found to be the most common type of cyber attack, followed by malware attacks (21 per cent) according to the research.

“Our research shows that preparing for and mitigating cyber attacks is a key priority for business owners, with almost two-thirds planning to invest in cyber security measures in the next 12 months,” Richard Johnson, Westpac’s Group Chief Information Security Officer, said. “Almost 90 per cent of small-business owners in Australia admit they could do more to educate themselves about cyber attacks, which is why we are launching this playbook, to help them be better prepared to manage one if it occurs.

“In the 2020-21 financial year, cyber attacks accounted for $33 billion in self-reported losses nationwide,” Johnson added. “Unfortunately, we are seeing a further rise in these attacks, as online businesses boom and more employees continue to work from home separated from the office systems built by employers to counter cyber attacks.”

The research noted that 62 per cent of small and medium-sized businesses will invest in cyber security measures in the next 12 months, while 41 per cent said they have a cyber attack response plan in place.

In the wake of the findings, Westpac launched its Cyber Response Playbook which is aimed to help businesses manage a cyber attack.

“A cyber response plan is crucial for hitting the ground running if there is a cyber incident,” Derek Bopping, First Assistant Director-General, Cyber, Engagement and Strategy Divison, Australian Cyber Security Centre, said. “Too often, we see small- and medium-sized businesses lose days and weeks to cyber attacks, simply because they are not prepared and don’t know how to handle an attack. As threats continue to rise we encourage every business to spend time planning for a potential attack.”

This article was first published on sibling site Inside Small Business.