Here are “three quick steps” to protecting your business against cyber attacks.
The Commonwealth Government's Australian Small Business and Family Enterprise Ombudsman has published The Small Business Cyber Security Best Practice Guide which offers “three quick steps to serenity”.
The single-page guide points out that small businesses are the target of 43 percent of cyber crimes, and that 22 percent of small businesses hit by ransomware were unable to continue operating.
That should be enough to get any small business operator's attention.
“Online threats are just as real as physical threats. Cyber security needs to be taken seriously, like having locks on your doors and a burglar alarm,” said Ombudsman Kate Carnell.
ASBFEO's “three quick steps” are prevention, well-being and response.
The suggested prevention measures should be familiar to most Business IT readers: backup regularly, patch promptly, use complex passwords and two-step authentication, and limit access to admin accounts and sensitive information.
ADBFEO recommends businesses ensure their people understand safe practices, and are frequently reminded of cybersecurity issues. They also need to ensure that only trusted software is allowed onto systems, and only safe websites are visited.
If something bad happens, tell staff and report the incident to relevant authorities. Many situations including ransomware attacks can be recovered by restoring from a recent backup. (Some additional work may be needed to reflect work done between the last backup and the incident, and it makes sense to take measures to prevent a repeat occurrence - most widespread malware exploits software flaws that have already been addressed by the vendors, so double-check that all relevant updates have been applied.)
For a more comprehensive list of measures, ASBFEO recommends the Australian Signals Directorate's Essential Eight security strategies, which we have covered previously.