SMEs facing cyber-security risk, warns Deloitte
Small professional services firms in Australia are facing significant challenges in implementing effective cyber-security infrastructure to avoid being targeted by budding cyber criminals, Deloitte’s cyber-risk leader has warned.
Speaking to SMSF Adviser’s sister publication AccountantsDaily, James Nunn-Price, Deloitte’s Asia-Pacific cyber-risk leader, said smaller firms and professionals face “a real challenge” in implementing effective cyber security, particularly as Australia itself has become an ideal target for cyber criminals.
“Australian businesses are falling victim to either denial of service attacks or what we call ‘crypto locker’ attacks, which encrypt all of your data,” he said.
“A sizeable minority of people pay the ransom and that has made Australia a target, because the criminals are thinking that they can make more money from Australia."
Mr Nunn-Price urged firms to follow, at minimum, three or four basic steps when it comes to cyber security to avoid becoming "the low-hanging fruit", including keeping IT systems up to date, using good passwords and maintaining a high level of user awareness.
“If smaller organisations can do that, then they’re not the lower-hanging fruit, and other people will be targeted first,” he said.
While outsourcing IT operations to a cloud provider can drastically improve security operations, “certainly better than you can do in-house”, Mr Nunn-Price said, he added that it was vital to ensure that firms have at least one in-house staff member to oversee the service.
“They should definitely have someone in-house who’s responsible for it and has a good understanding of it,” he said.
Mr Nunn-Price’s comments come after the launch of Deloitte’s 24/7 Australian Cyber Intelligence Centre, which links regional and global networks to allow the firm to provide global cyber intelligence services.
He highlighted the importance of connecting to a global infrastructure for threat prevention.
“These strategically placed centres enable a deep understanding of local markets, language, threats, regulatory security and privacy variations,” he said.
Mr Nunn-Price added that the firm offers cyber intelligence services to many professions. While there are no accountancy firms on board, he stated that “it is certainly not precluded from being bought as a service by smaller accountants from us”.