The recent hit by cyber criminals on websites around the world reinforces the need to change the culture of businesses to help deal with modern threats to our day-to-day business activities.
There has been a call from all and sundry for the small business community to focus on this real and immediate threat; there is clear and present danger and it must be confronted. Still, in the end this is a business issue, similar to many issues we have confronted over the decades.
For example, in the past business people have had to learn that they need security alarms on their premises. Many of us had to learn the hard way but it is now part of the culture of the business world to have alarms and security contracts, as well as the accompanying insurance.
Council of Small Business of Australia chairman Paul Nielsen likes to refer to the ‘three pillars’ of security management: education, protection, and insurance. Or perhaps they are: training employees, having the right software and getting ready for the inevitable. Either way, it is essential for business to have a plan in place and to take action.
But cyber attacks are not the only new threat facing small businesses. Lately we have seen a major increase in power outages, telecommunications failures, EFTPOS outages, website failures and disasters, such as floods, cyclones and fires. These can hit one business or many business, and whole communities.
The recent outages of the Australian Taxation Office website have been a major concern for bookkeepers, accountants, tax agents and the like, as it affected their capacity to complete their business activities.
The failure of an EFTPOS process with a major bank or even the failure of ATMs can cause a disruption to business and loss of sales, which is not good for business or the stress of the owner. Failure of telecommunications can close a business permanently and power outages, something we haven’t seen for decades, also close businesses down, create stress and can affect jobs.
The natural disasters also create stress and worry for employees, as well as employers. The Fair Work system and other support systems seem to be coping well with this but let’s make sure we continue to provide support for those in crisis.
There needs to be a three-pronged approach to managing cyber security and other threats. What can the government do for their agencies and the business community? What can business associations do for their members? What can individual businesses do for themselves?
These are important questions for the small business community. There are some 2.5 million of us and about 800,000 of us employ some 4.8 million other people.
Yet we are not an homogenous community. We cover all sorts of industries with differing demands and different threats; from transport to retail, from technology to services, from health to manufacturing — we communicate differently and have different issues. That is why membership of business associations is so important.
But there are common factors for all businesses to consider. The need for protection, the need for insurance and the need to backup data into a secure place are essential for any business.
The choice for many businesses is whether to back up information to the cloud or to a hard device kept on or off premises. Whatever is chosen it is now vital that information is backed up; that way the effects of a cyber-attack can be thwarted and essential information always available. Many people have a fear of cloud storage as it seems odd to trust someone in some other place with our vital data. Yet on site storage is often less safe, requires more discipline in capturing and maintaining the data, and does not count for fires and community wide disasters.
This is an issue to be confronted and dealt with by all business people.
There is also a need for a back-up or auxiliary power source to help maintain technology and business activities. Modern technology and software should provide what we need, but a business person has to seek that support and make sure it is in place.
The use of cyber security software is also paramount. It is hard to imagine a business that leaves its front doors always unlocked and has no alarm system, yet a business without cyber security software is in exactly that position — and in danger.
Cyber security must be confronted by government. They seem to be on top of the process, but they could improve their communications somewhat and try to use language for people, not experts.
But all of us, even your family, must have protection in place. (I would not like to be in a family where the teenagers cannot access their games and on line support due to a ransom-ware attack!) In the end it is imperative that business people take action — now.