Despite more than one-third of ACT companies having faced a data privacy or cyber-security attack in the past two years, just over half of our local businesses have a plan in place to respond to an incident.
Canberra Business Chamber has recently conducted what is possibly Australia’s first survey of local business cyber-awareness.
It found that while firms have directly experienced cyber threats, many are ill-equipped to take practical steps to minimise risks and protect their own and customer information.
Between 70 per cent and 77 per cent of respondents have taken basic cyber-protection steps, including loading the latest software updates, backing up business data at least weekly, and ensuring password access to company devices.
Even more have firewalls on their computer systems, change the default factory passwords on devices, and control access to business devices and data.
“This basic level of awareness is very positive”, says Lyndal Thorburn, Chair of the Chamber’s Innovation Taskforce. “This, and the high response rate to our survey in a relatively short time, shows that cyber-security is on the minds of local businesses. This is a good sign that cyber-hygiene is uppermost in locals’ minds at the moment.”
Room for improvement
However, the survey also revealed that while local businesses are getting the basics right, there is room for improvement when it comes to taking more proactive steps in cyber protection. For example, only 45 per cent of respondents had a secure website and had changed the default passwords on their business routers.
Other risks identified included how companies control if, or how, staff can download software and apps onto their business-owned devices and access Wi-Fi while travelling.
The survey also showed that local businesses are very interested in enhancing their skills in this area and are willing to seek advice from service providers. Three-quarters of respondents are already using third-party suppliers for backup, organisation-specific software and client data.
Over the next 12 months, the Chamber will be developing a set of ‘FAQs’ companies can use to improve their basic cyber-hygiene and a list of trusted third-party suppliers businesses can look to for expert advice on reducing cyber risks.
These steps will help local businesses meet the requirements of larger customers, including government and defence, when supplying them with services.
The Chamber plans to run the survey annually to collect timeline data. This year’s survey is still live and can be accessed here.