SMEs ‘Fail’ On Cyber Security
A survey by Chubb Australia suggests that only half of Australian SMEs are aware of their cyber reporting obligations, while less than half have a data breach response plan, and only a quarter have cyber risk insurance.
The Notifiable Data Breaches (NDB) scheme requires all businesses covered under the Privacy Act to report data breaches involving personal information.
The figures come from Chubb Australia’s second SME Cyber Preparedness Report, which also found unwarranted confidence in respondents’ ability to recover from an attack: 79 percent were confident they could overcome a breach by sophisticated hackers within 24 hours.
The survey also found half of SMEs had been impacted by cyberattacks, but 32 percent of senior leaders surveyed assumed their businesses would never experience a cyber incident. And it found complacency to be on the rise, with significant drops across four key areas of concern.
Concerns about relationships with customers slid to 36 percent from 51 percent last year; concerns about revenue and sales were down to 40 percent from 50 percent; concerns about public reputation down to 33 percent from 47 percent; and concerns about cost of an incident down to 38 percent from 51 percent.
Chubb’s cyber and technology industry practice manager for ANZ, John DePeters, noted that SMEs account for 96 percent of all businesses in Australia.