What to consider when building a Security Practice

As modern workplaces decentralise and move to hybrid models, it has become more important to tighten security gaps and reduce the opportunities for cybercriminals to exploit and extort Australian businesses. Partners that know how to leverage the advanced security features in their customers productivity platforms and applications have a growing opportunity to respond.

How Real is the Problem?

With so much data flooding the market on cybersecurity issues, it is easy to become hardened or cynical about how much is hype, designed to drive vendor sales agendas.

Real Big and Getting Bigger

The Australian Cyber Security Centre (ACSC) received some 76,000 reports of cybercrime in the 2022 financial year. That is an average of 208 cybercrimes committed every day, but the real number of cybercrimes is probably much higher. Leading Australian cybersecurity expert, Nigel Phair estimates that only one-fifth of online crime against businesses is detected and reported, meaning an estimated 300,000 actually took place in 2022. That is a real and significant problem for a country of just over $2.5 million registered businesses.

Cybercrime reports to ACSC 2020-2022

Image source: https://www.statista.com/statistics/1343645/australia-number-of-cybercrimes-reports-acsc/

Employee vulnerability is real

Small to medium sized businesses (SMBs) are highly vulnerable to cybercrime. Less security technology and in-house technical skills contribute to this, but the ‘people factor’ creates the biggest weak spot. Exploiting a lack of cybersecurity awareness amongst SMB employees is how most cybercriminals succeed.

Cybercriminals are very adept at creating emails, websites, and links that appear genuine but will trick people into making mistakes. ACSC found that 83% of reported cybercrime in the 2020/2021 financial year could be partly or entirely attributed to users. The majority involved people downloading and deploying malicious software on their systems after being targeted with these tactics.

Training can mitigate the people factor over time. SMBs clearly need immediate countermeasures to ensure continuous productivity, even in the event of a cyberattack. Engaging external expertise is the most effective way to achieve this important aim.

The financial impact is real

Nigel Phair estimates the total cost to the Australian economy to be $43 billion per annum. The ACSC’s Annual Cyber Threat Report 2022 identifies the average cost to SMBs as $63,000 per cybercrime, with businesses of between 20-199 employees sustaining the highest financial losses.

SMBs also face the potential of stiff financial penalties for non-compliance with data breach notification and data privacy protection laws. This means when cybercriminals successfully steal personally identifiable information from a business and use it to extort money, it results in a triple threat; financial loss, losing customers due to data breach notifications and significant fines. Many SMBs would struggle to keep the doors open if hit with one of these, let alone three.

Steering the Customer Conversation

The connection between business productivity and security is not always obvious to SMB customers. Taking your customer conversations gradually through the following three stages can help them make sense of the different security layers they need.

Protect

With appropriate protection systems in place, many threats do not make it through to the end-user and can never be activated. Using dedicated applications, you can stop malicious email attachments, viruses, and ransomware from causing issues for businesses and employees.

Limit

If a threat makes it past the protection and secure strategies, you need appropriate defence mechanisms to limit your risk. A defence network will work before an attack occurs and monitor systems for potential problems. When an attack occurs, a good security system will work to isolate and remove the malicious files, applications, and code.

Securing your systems through appropriate password usage and including multi-factor authentication will provide an additional layer of security. Emails and attachments can be encrypted, and forwarding is limited to make sure only the recipient can read messages.

Recover

Ensure that suitable procedures are in place to recover quickly from any attack. Your systems will need to identify what is lost and the extent of the damage. This level will include data storage and backup systems. It may also be required that your systems be examined for potential security gaps and how these can be addressed and improved.

A Critical Consideration for Partners

“In the unlikely event of a sudden loss of cabin pressure, oxygen masks will drop down from the panel above your head. Secure your own mask before helping others.” Sound familiar?

Before you can hit the runway to help your customers, it is imperative to ‘secure your own mask’. As part of the software and service supply chain for your customers, the last thing you’d want is for your business to be identified and exploited as a weak link. However, the potential for this to occur is increasing. The most recent annual cyber threat report from ACSC specifically noted that MSPs, CSPs and IT service providers were actively targeted by cybercriminal networks during 2021 and 2022 because they provide a single-entry point to a range of sectors. Attacks on MSPs/CSPs are undertaken with the aim to ‘breach one, damage many’.

Secure Productivity practice readiness is all about ‘securing your own mask.’ Our cybersecurity technical advisory team is experienced in working with partners on strategies and programs that get your business built for take off.

Ask your rhipe account manager to provide an introduction, and to let you know about relevant incentives and promotions that can benefit your customers and your bottom line.