Cybersecurity risk affects us all, whether we have taken the time to consider it or not, and independent of whether we have had the foresight to develop a plan to deal with it.
Every time we use the myriad devices now embedded in our daily routines, and we set about creating, sharing and relying on the information that is most important to us, we introduce risk. The risk of accidental or deliberate misuse of information, or the risk of misconfiguration or compromise to technology. This risk, in turn, affects our credibility. The credibility of our brand, our information and of the reliability of the service that we are providing.
This is not just the stuff of blockbuster movies designed to invoke fear (although as a cybersecurity enthusiast I am certainly a fan of the Mr Robot TV series and encourage you to take a look). This is an issue that is playing out every day in homes and in businesses all over Australia and not just the big end of town. In fact, it is the small to medium enterprise operators who are potentially most at risk, as even a small mistake like clicking on a link in an email that a staff member thinks is from a colleague but isn’t, can have business ending consequences.
So how can we collectively build cyber resilience into all Australian businesses and level the playing field while trying to bring a considered or proportionate view to that age old equation; cash versus reward. In this article, I explore the key elements of a cybersecurity strategy from an SME perspective, and explore whether establishing a dedicated attempt at cybersecurity risk management is possible without the big teams and big budgets.