DYNAMIQ IN THE NEWS: CYBERCRIME REMAINS PRIMARY THREAT TO AUSSIE BUSINESSES

Cybercrime is becoming increasingly costly for Australian businesses and many of those affected end up closing their doors. To enable our clients to better quantify their risk and benchmark their actions against similar businesses, Dynamiq has developed a new risk and resilience platform called Qantian.

Grant Chisnall, Dynamiq Client Experience Leader

The Australian Cyber Security Centre’s 2017 Threat Report said cyber espionage and cybercrime remain the primary threats to the Australian private sector and it’s affecting Australia’s competitive advantage. 

Cybercrime costs the Australian economy more than $1bn each year and the sobering reality is that nearly half of all cybercrimes are targeted at small business.

Small to medium enterprises don’t have large IT teams who can effectively deal with their cyber risks. As a result, organisations aren’t fully aware of the holes in their cyber armour, until it’s too late.

Cybercrime can debilitate a business. In the 2017 Ransomware attacks, more than 20 per cent of small businesses impacted were so affected they couldn’t continue operating.

The biggest problem is a lack of understanding of the risk. Often SME’s think if they have security software or insurance they’ll be ok but they’re just two of the bases you need to have covered.

SME's will also say they’re too small to be targeted by cybercriminals. However, small businesses are a soft target for criminals who want to make relatively easy money before moving on to their next victim.

A surprising fact to note is more than 90 per cent of the risk is with an organisation’s people. This is either staff mistakenly opening a phishing email, not using different passwords across multiple applications or divulging sensitive information as a result of social engineering by cyber criminals.

We know that anyone with a financial responsibility is a high value target and when you overlay this with the type of work they’re performing, it can greatly exacerbate the risk. There has been a recent spate of attacks targeting anyone with an Australian Financial Services Licence such as lawyers, accountants, brokers, financial planners and advisers, conveyancing firms and real estate agents.

The basic premise of these attacks involves accessing of their email through a vulnerability such as poor password control or through third party vendors to access their email accounts. They will monitor the traffic at important transaction times such as during the end of the month Rental Return or during a specific transaction for a house. They will change the account details and siphon the cash before the organisation reconciles the accounts. We have stories of whole property transactions being taken in this way. The effect on the individuals and the business who inadvertently allowed this to happen can be detrimental.

To enable our clients to better quantify their risk and benchmark their actions against similar businesses, Dynamiq has developed a new risk and resilience platform called Qantian.

The platform has been five years in the making and the first instalment, which covers cyber risk, has just been launched. You can check it out here. 

One of our Australian not-for-profit clients took the cyber assessment and received risk score of 34 per cent. Qantian highlighted various gaps in their cyber resilience, leaving them vulnerable to a cyber attack.

Being a charity, they were receiving vast sums in online donations so a data breach could mean a loss of trust with their financial supporters and the end of their business. After taking the assessment, the client has already taken a number of steps to reduce their risk exposure and they’ve seen a corresponding improvement in their Qantian risk score.

We encourage our clients to take the Qantian assessment to better understand their cyber risk.

We’re hosting an online seminar on July 31 where you can hear about the specific cyber risks outlined in your cyber assessment and hear about some potential solutions.

What: Cyber risk seminar 

When: July 31, 4:00pm – 5:00 PM AEST

Register here.

We encourage our clients to take the Qantian assessment prior to attending the webinar.

Contact Grant Chisnall.

Back to all news