To put it in the simplest way possible – it is no longer a case of “if” you get infected/breached/hacked, but “when”.

“Infected” could mean a basic PUP infection that is annoying (at worst) while you browse the web… or, it could be your entire business collection of data (think everything you have worked on and saved) being encrypted for Ransom $$$ or deleted/sold/distributed depending on the nature and reason of the attack.

There are more than 15 different security layers you can implement to reduce your cyber security risk. A free option is to simply remove admin from your local user! Antivirus software is another layer, and one of the cheapest paid layers to implement. There is also a huge selection of antivirus software you can pick from – some are free (and expect the effectiveness of free), while some can cost $200+ per year for only one computer. Then we can advance to other “specific” software or hardware solutions, like application whitelisting programs or software that assumes you are infected and spends all it’s time hunting to find it. Zero Trust programs are becoming popular as well. We then look at hardware solutions like UTM Firewalls, Encryption keys, Biometric solutions, Gateway devices and so on. It doesn’t stop there!

So why do we need security?

If I asked you what you spend on business insurance per year, and then asked you why, would you say it was something to do with “risk”, or “what if”. (Now refer to the first line of this web page.) Have you investigated how many insurance products are available? Most businesses invest in multiple insurance policies to protect themselves from risk.

Computer security is very much like insurance, but consider that the impact of a stolen car is very different to the impact of not being able to access “who owes your business money”, or “what stock has been purchased by whom and still needs to be supplied”. Statistics* say that more than 1 in 5 small and medium businesses do not have adequate data backup or security protection in place. (*Infrascale 31st March 2020), and the ACSC stated 62% of small businesses had been the victim of cyber crime. This was in July 2020, and it has only gotten worse. November 2023, latest stats from the ACSC/ASD, 14% increase in losses, averaging $46,000 for small businesses. 94,000 reported cybercrime events, an increase of 23% from 2022. 32% increase in calls to the cyber security hotline (90 per day), and 54% of those were related to online banking, online shopping and fraud/scams.

And lets face it. No matter where you look, the statistics are all seriously in favour of the criminals.

So in a nutshell, you might have antivirus software on your computers, and you might have some backup, but how many other layers have you implemented to reduce your risk? This is one area you can no longer afford to skimp on. It’s no longer if, but when. And with your (and our) responsibilities increasing in reporting of breaches, and the insurance industry starting to ask more questions of what layers you have invested in (to consider if they can insure you) – it might be time to have a serious conversation with an IT professional who’s first job was working for McAfee Antivirus back in 1992.

Give KPTech a call to discuss your options and find solutions that fit your investment budget in cyber security. We offer cyber security packages from as little as $23 per month and includes Password Manager and policy compliance, Staff education and testing, IT policy templates to use, monitoring of Email, websites, IP addresses, dark web scanning and more.

If you are interested in reading more about the state of cyber security, have a look at these sites, but let me warn you… it might make you realise you need to invest more in your security layers!

https://www.cyber.gov.au/

https://doublepulsar.com/

https://www.cyber.gov.au/about-us/view-all-content/reports-and-statistics