More than ever, cybercrime is a reality all businesses in Australia must face. No matter your industry, company size, or level of technology use, it’s up to you to ensure the security of your data and the strength of your security.
Together with the Cyber Security Working Group (CSWG), the Australian Taxation Office has developed 3 key tips to help businesses throughout the country combat cybersecurity. We’ve summarised these tips below.
3 Tips for Better Cyber Security
1. Ensure your system and individual accounts are constantly monitored.
All accounts owned or operated by your company need to be monitored constantly for unusual activity. This may mean hiring a security company to carry out consistent monitoring, but it will also mean checking your company interactions and transactions in-house. On an individual level, instruct your employees to follow the same self-monitoring protocol.
2. Train your employees in best practices for optimal security.
Evidence shows that phishing scams are at the root of most cybercrime activity. A phishing scam is generally conducted by email, but it can be done over the phone or by mail as well.
Most often, a criminal on the other end of the scam will send an unsolicited email to one or more employees in your company. The email will likely appear from a legitimate source, such as a bank, credit card company, security manager, or higher-up in the company. A key feature of a phishing email is the request to:
- Reply with more information (usually personal or sensitive information such as a login or account number)
- Login to an account you possess via a link the provided in the email
- Click on a link for some other reason (to retrieve a prize you’ve won, for example)
In order to avoid phishing scams from affecting your company, the only truly effective measure is to train your employees in common cyber scam activity. Teach them how to avoid such scams. It’s important to teach your employees to:
- Never click on links from or reply to suspicious emails.
- Avoid providing sensitive information (logins, passwords, account numbers, access codes, etc.) when prompted by email. When in doubt, double check with the sender by calling them directly or speaking to them face-to-face to see if the initial message was real.
- Never open attachments or programs from unknown sources.
- Never leave their open or logged in computers or terminals unattended.
- Watch your social media presence carefully. Not everything (meaning, sensitive details) should be shared on public accounts like Facebook, Twitter, and Instagram as hackers may come back to use this information with malicious intent. Make sure whoever is managing your social media accounts is aware of this.
3. Be wary of conducting business on public Wi-Fi connections.
Public Wi-Fi can be a tricky Internet connection to safely use because it’s not always secure from corruption by nearby hackers. This certainly goes for individuals on a personal level as individuals can easily be hacked via their bank account logins or by email, but it always goes for business conducted on company laptops or through company websites or cloud accounts.
This is often an issue “on the road.” Many businesses will send employees on company trips, during which they may want to use public Wi-Fi (at an airport, hotel, or restaurant, for example). In general, this should be avoided whenever possible, or, if it is absolutely necessary, only general, non-sensitive business should be conducted when connected to public Wi-Fi.
Is Cybercrime on the Rise in Australia?
Yes. Top businesses and the Australian government strive to attain optimal cyber defence capabilities. However, even as awareness of cybercrime grows, there are still mounting incidents of cybercriminals getting away with their crimes. This is partly because hackers can commit their misdeeds internationally — and most do. This makes them much harder to track as they often route their hacks through a variety of countries.
The best way to combat this type of criminal activity is to follow the directives listed above. Only thorough and attentive security monitoring and diligent training of employees can stop the threat of cybercrime to your company.