Bay of Plenty Business News June/July 2019

BAY OF PLENTY BUSINESS NEWS June/July 2019
23
Cyber security needs more than a firewall
New Zealand has embraced digital
technologies faster than many other
countries. We’ve raced into the Cloud, and
per capita we are one of the highest users
of Microsoft Office 365 and Google Suite.
But our security has not adapted to this
modern environment at the same rate.
The way we do business
has changed dramatically.
We moved online,
started sharing our lives on
Social Media, putting our critical
business data in the Cloud
and began working from our
cars, homes and hotels. The
Modern Workplace provides
us with new ways of working.
But at the same time, it
has introduced new risks. Just
as cyberspace has no borders,
neither does cybercrime.
Cyber-attacks are on the rise
and New Zealand businesses
are a prime target. In 2017
New Zealand lost an estimated
NZD$177 million to cybercrime.
The cybersecurity arms
race is on - basic threat protection
measures such as antivirus
and firewall no longer provide
sufficient protection.
Cybercriminals have a
range of approaches as well
as an agile and growing tool
set. The potential rewards are
huge, and the risk is relatively
small.
These cyber threats are not
new, but they are becoming
more frequent. Like Health and
Safety, Cybersecurity is a very
real risk and has the potential
to affect the viability of your
business and the livelihood of
your staff. We need to raise
the level of the cybersecurity
conversation, not just with our
users and IT support teams, but
with executives and boards.
We recommend focusing
on three key areas to help keep
your systems safe:
TECH TALK
> BY DANIEL GOYMER
Technical Director of Yorb, a Business Technology Partner. He can
be reached on Daniel.goymer@yorb.tech or 0800-600-606
People
People are your first and last
line of defence. All the security
technologies and processes
in the world can be brought
down by a single well-meaning
employee in a careless
moment. Human error has
become a major weak point;
one that is easily exploited by
cyber criminals. It is vital that
businesses have some form of
cyber security training in place
to educate their employees
on the importance of protecting
sensitive information and
what malicious threats to look
out for.
Process
Are your internal business
processes secure, how do you
verify supplier requests for a
change to their bank account
details? If a request was made
to transfer money overseas;
how is that request verified?
It is key to ensure you have
in place processes that are
detailed, known and well
understood.
Technology
No tool by itself can effectively
secure your data. Manage your
people and technology with
multiple layers of protection
such as firewalls, anti-virus
protection and mobile device
management.
Security is not something
that can be achieved in isolation
using bigger firewalls.
Cyber Security needs a holistic
companywide approach.
• Work with your staff to
ensure they take the appropriate
precautions when
working with your systems.
• Implement processes that
help to identify unauthorised
or unusual behaviour.
• Invest in technologies that
improve security standards
to automatically block
hackers or unsafe files from
your networks.
• Conduct ongoing security
awareness training; analysing
previous attacks and
how these examples can
be used to increase your
safety.
To feel confident in today’s
threat landscape, you need a
multi-faceted approach that
also includes a security framework,
staff training, data protection
and more. You can
only adequately address cyber
risks by increasing security
awareness across your entire
business.
GEMMA & RICHIE
McCAW