Cybercrime affects millions of people in New Zealand every year, from stolen identities to account hacking and information theft. When cybercriminals target small businesses, they can have a significant impact including financial losses and reputational damage.
New Zealand’s Computer Emergency Response Team (CERT), part of the Ministry of Business, Innovation and Employment, warns that cyberattacks are rising. As a business owner, it’s important for you to be aware of the risk and repercussions of cyberattacks, as well as understanding what you can do to protect your business and your customers.
Types of cyberattack
There are many different ways that cybercriminals can target small businesses. Increasingly, cyberattackers are using automated attacks and they’re always coming up with new ways to victimise people. Some of the common types of cyberattack currently in use include:
- ransomware – where the cybercriminal encrypts your data and holds it to ransom
- malware – where malicious software or code is downloaded onto your computer via an infected email, attachment, or link
- credentials theft – where the attacker steals login details so they can access your system
- phishing attack – where cybercriminals trick you into providing information, clicking on a link, or making a payment
- distributed denial of service (DDoS) – where the attackers disrupt your network so it’s not available to your customers
- vandalism – where the attackers deface your website or upload deliberately misleading and false information.
Impacts of cyberattack
The impacts of a successful cyberattack can range from inconvenient to catastrophic.
Regardless of how the cybercriminals target your business, the fallout is likely to include:
- financial losses – due to downtime through not being able to operate
- increased costs – due to the need to remediate infected systems
- reputational damage – due to customers being unable to interact with you as expected
- relationship damage – due to your inability to interact with suppliers and partners as expected.
Importantly, if your cyberbreach included a breach of sensitive customer information, your customers will lose trust in your business. If the breach is significant enough to make the news, then potential future customers will also be less likely to do business with you.
What you can do
The bad news is that cyberattacks are now so common that it’s no longer a question of if you’ll be attacked but when. It’s therefore essential that you put strong cybersecurity measures in place to protect your business and mitigate the risk of a successful attack.
Remember, too, that many attacks come through your relationships with suppliers and stakeholders. If they’re attacked, the cybercriminals could use the information they learn about your business to target you more effectively. Therefore, it’s important to talk to your suppliers about what they’re doing to help keep everyone more secure.
Much of cybersecurity is about simple risk management techniques such as not clicking on links in emails, treating even legitimate-looking emails with suspicion if they ask you to do something that doesn’t seem right, and ensuring all devices that connect to the network are properly secured. Patching and updating your software and infrastructure is also essential.
If you don’t have cybersecurity expertise within your business, it’s worth partnering with a vendor who can help you identify the security gaps in your business and help you develop a roadmap to closing them.
And, like any business risk, insurance is indispensable.
What is cyber insurance?
Cyber insurance or cybercrime insurance works like any other insurance policy to protect you in case you get attacked. It can cover you for the losses you sustain as a result of a successful attack, as well as for the cost of repairing your systems after an attack.
To find out more about how cyber insurance can help protect your business from the losses you could suffer as a result of a cyberattack, contact us today.