Scoop has an Ethical Paywall
Licence needed for work use Learn More

Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Is Your Business Cyber Secure? Top Tips To Stay Safe In 2023

With cyber-attacks increasing and organisations of all shapes and sizes potentially at risk, the new year is a good opportunity for Kiwi businesses to review and improve their cyber security, no matter their size, says CyberCX - Australasia’s largest cyber security provider.

For small businesses, understanding the tools and systems critical to the company operating should be at the top of the list, including email accounts, websites, and accounting software, says CyberCX Executive Director of Security Testing and Assurance Adam Boileau.

Adam Boileau

“It’s vital to identify the digital building blocks of your business and who has control of those,” he says.

“If you have multiple providers, old email accounts or people with access who have left your organisation, it’s the right time to tidy that up for your security. Conversely, if you have everything stored in one place, that can be a problem too - would your business stop operating or be at risk if your phone was lost or stolen, for example?

After that, Boileau says it’s important to review how you authenticate or access those systems.

“That means how you log in to your email, access your Xero account, your Google account, or whatever the service is. Also, it means thinking about who pays for that access and whose credit card it’s on”.

Storing passwords safely is also vital, and while it may sound obvious, it is something many people trip up on, he says.

Advertisement - scroll to continue reading

“It’s good to store an offline copy in a business safe, and online use a password protection app to add an extra layer of safety. Multi-factor authentication, where you generate a code on a mobile app or use a hardware security token as second step to logging into important systems is also significantly safer.

“A good test is that you should theoretically be able to copy and paste your password into a public Facebook post and not have it create a crisis for your business because it takes more than just that to access your systems.”

Larger organisations should also regularly audit their cyber security and ask themselves some fundamental questions to keep it strong, Boileau says.

“You can take two approaches at once when it comes to cyber security at a larger organisation - preventing something bad from happening in the first place, and assuming it will and having plans to minimise the impact,” he says.

“They should be asking themselves what is of value in their business that could be targeted - do they store data or process credit cards? If someone tried to extort you for your data, can you make that a survivable event?”

Boileau says larger businesses should be doing all the same things as smaller companies - as well as obvious things like making sure software is up to date, and exercising their disaster recovery plans. CERT NZ has guidance for small-medium businesses, while the Australian Signals Directorate’s Essential Eight is very effective for larger organisations.

“Everything we do is now driven by computers, meaning people’s data is constantly being put at risk because it sits in the hands of businesses who aren’t compelled to ensure it’s being stored with enough security or adequate safeguards against a cyber-attack,” he says.

“While we need more cyber security regulation in NZ, as it sits now, it’s a really good time for Kiwi businesses to step up, make a New Year’s resolution to review their cyber security and do whatever they can to improve it.”

ABOUT CYBERCX:

CyberCX is the leading provider of cyber security services across Australia and New Zealand. With a workforce of over 1,200 cyber security professionals, CyberCX is a trusted partner to private and public sector organisations, helping customers confidently manage cyber risk, respond to incidents, and build resilience in an increasingly complex and challenging threat environment.

CyberCX provides end-to-end cyber capabilities, enabling customers to securely accelerate their digital transformation strategies. CyberCX’s services include consulting and advisory, governance, risk and compliance, incident response, security testing and assurance, network integration and security, cloud security and solutions, identity and access management, managed security services and cyber security training.

Visit www.cybercx.co.nz to find out more.

© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Business Headlines | Sci-Tech Headlines

 
 
 
 
 
 
 
 
 
 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.