Australian small businesses lag behind on cybersecurity

Australian small businesses lag behind on cybersecurity

Australian small businesses lag behind on cybersecurity

Despite cybersecurity being a key concern for Australian businesses, smaller businesses lack dedicated security budgets.

New research has revealed that Australian small businesses are struggling when it comes to cybersecurity, with only 44 per cent of businesses with fewer than 50 employees having a budget dedicated to security.

Vanta’s Trust Management Company trusted status The report shows that despite 58 per cent of Australian businesses considering cybersecurity threats as their top concern, smaller businesses are struggling.

Only 66 percent of small businesses are confident they can explain the impact of any security program on their business, while AI is an even bigger challenge with only 13 percent of small businesses auditing AI models to comply with data privacy regulations.

Another alarming figure from the report is that 43 per cent of Australian businesses face cyber threats more than once a week.

According to Jonathon Coleman, Vanta APAC managing director, “Australian businesses are waking up to the very real idea of ​​cyber threats”, but only the largest businesses are able to adequately prepare for a cyber incident.

“But awareness is only half the battle. Action is the other half, and as larger companies invest more in their own cyber protection, the vulnerabilities left in small business defenses become increasingly apparent to attackers, who tend to be opportunistic in nature. Coleman said.

“Compliance is a huge step forward in improving cybersecurity, but historically, the amount of time and effort it has taken organizations to comply has been prohibitive. But we are now in the age of AI, where organizations can automate a lot of compliance work, helping to make it less of a checkbox exercise and more of a robust, continuous security measure that helps drive compliance. business”.

Paul Hawkins, chief information security officer at CipherStash, has some advice for smaller businesses, particularly startups.

“There are three practical things I would suggest to all startups considering cybersecurity for the first time. The first thing is to identify what you have. Understand which service providers you are using, where you store your and your customers’ data, and gain visibility into your IT assets,” said Hawkins.

“Second, establish the foundation of your identity. Centralize your systems around one identity provider and reduce the number of long-lived login credentials to make it easier to revoke access when you need it.

“And finally, use managed security services like AWS Guard Duty or Vanta to gain visibility and security capabilities without having to build and operate those systems yourself.”

Vanta’s trusted status The report is based on research conducted during July and August 2024 and responses from 2,500 business and IT leaders in Australia, the UK and the US.

Leave a Reply

Your email address will not be published. Required fields are marked *