Important news for small business regarding Cyber Security

2022 was a bad year for hacks and scams, especially those targeting businesses. The third Annual Cyber Threat Report by the Australian Cyber Security Centre (ACSC) to June 2022 reported these scary statistics:

• An increase in financial losses due to business email compromise of over $98 million
• Over 76,0000 cybercrime reports (one every 7 minutes)
• A rise in the average cost per cybercrime report to over $39,000 for small business, $88,000 for medium business, and over $62,000 for large business

These are just some of the horrifying statistics in the ACSC annual report.

Cyber-crime is increasing and all businesses are vulnerable, especially those who handle sensitive personal and financial details.

There are already privacy laws in place, and these are about to be strengthened with recommended changes. If you don't make sure you are protecting client and employee information there may be consequences. These changes to The Privacy Act, as recommended by the Attorney General's Department, are in direct reaction to  protection of private and secure information, and can be found here.

All businesses have to currently operate under The Privacy Act, except those with a turnover under $3 million dollars.

However, all businesses in the following categories, must comply with the Privacy Act, regardless of their revenue: 

• is a health service provider
• trades in personal information
• provides services under a Commonwealth contract
• is a credit reporting body
• operates a residential tenancy database.

Under consideration within the proposal for The Privacy Act review is that all small businesses (regardless of their turnover and business model) should, in the future, be covered by the Act.

The proposed changes will include (but are not limited):

• Notifiable data breaches to be reported within 72 hours.
• Security and data retention policies and practices for all businesses.
• Improving the quality of privacy notices and record keeping.

In short, you need to make sure you are protected against cyber-crime, particularly in relation to safeguarding personal information. The community expects that their personal and financial information will be safe, and these proposed changes reflect that.

Loyal I.T. Solutions recommends that you can and should insure against breaches, and we advise that you undertake a Cyber Security assessment to check that you are fully protected, to ensure your insurance requirements are met. We can assist you in filling out your Cyber Security insurance and ensuring you meet the compliance requirements. Simply call 02 4337 0700 to discuss your critical cyber security needs.

.