Your IT systems are the weakest link: Security expert warns on corporate sabotage
Wednesday, September 18, 2013/
For many small businesses, a sense of complacency is the biggest hurdle to overcome with technological security.
But Mat Hannan, a lead partner in technological risk services at BDO, has a warning. “SMEs need to stop thinking it won’t happen to them,” he tells SmartCompany.
He and his team are seeing more and more SMEs come under attack. These attacks are increasingly mature, and increasingly committed for commercial gain, he says.
“It’s old crimes being committed in new ways,” he says. “Things like extortion, fraud and misappropriation of funds are a huge issue.
“There’s a continued risk of internal fraud. And as for external attacks, the threat has always been there, but such attacks are more easily perpetrated now.”
Small businesses doing things in new and innovative ways are at particular risk, he says. “Often, small businesses and start-ups have extremely valuable intellectual property. But often, their security systems aren’t up to scratch and that property isn’t protected by patents. So they’re an easy target for corporate sabotage and theft.”
SMEs need to take the threat more seriously, Hannan says. And the first thing to do is to become familiar with the Defence Signals Directorate website.
“Their website publishes lots of notes for small businesses to help them keep abreast of the risks, and it’s continually updated,” he says. “It’s an easy place to start.”
“Apart from that, it’s important to regularly patch your systems, as software providers will close security loopholes as they find them and issue that as an update. It’s also important to be constantly reviewing your access privileges.
“People think they’re small, so they’re not going to be a target. That’s not the case.”
If you suspect your business has been attacked, Hannan recommends a careful approach.
“A trusted adviser in the IT space is a good place to start.
“The thing to be aware of is that you don’t want to destroy evidence that may lead to the capture of whoever is responsible. Even turning on a computer might destroy the evidence that can be obtained through a forensic investigation.”
The local police are a good point of contact, and for larger breaches, it can even be worth going to the Australian Federal Police.
Be honest about your situation: How vulnerability helps businesses thrive Sue Parker DARE Group founder
Own it: The 10 things you need to do to manage your personal brand Lisa Stephenson Who Am I Projects founder
Six invaluable lessons: What 20 years in aged care taught me about being an entrepreneur Natasha Chadwick NewDirection Care founder
An entrepreneurial superpower: Eight tips to help develop resilience Adala Bolto ZADI Training co-founder
Going through a lull? Five areas you should invest in when sales drop Tamara Alaveras and Sonia Majkic 3 Phase Marketing co-founders
Stop telling us how busy you are, it's boring and charmless Ian Whitworth Scene Change co-founder
Blandification™ and the state of modern branding Jeffrey Oley The Offices co-founder
Why you should find the right role for the right person — not the other way around Bruce Stronge Outfit founder