How to improve your data security to avoid the costs of Cybercrime.

Data security is vital in today’s business. Cybercrime is escalating with data breaches becoming more frequent and severe. Loss of data can have a devasting impact on an organisation. A cyberattack can result in financial damages and loss of reputation which may take years to recover from.

Cybercriminals, many of whom originate from Eastern Europe, regularly target personal data, credit card information and bank accounts. Their methods are becoming increasingly specialised and sophisticated.

After receiving what appeared to be a legitimate email from his bank, and almost falling for a phishing scam, an FBI director recently admitted he does not bank online due to cybersecurity concerns.

Absolutely everyone; individuals, business and government, are at risk from data security fraud.

In Australia, the costs associated with cybercrime are immense. The Australian Institute of Criminology estimated that computer security breaches affected 14% of Australian businesses in 2007 at a cost of more than $600 million. The AIC survey showed 13% of small businesses, 20% of medium businesses and 30% of large businesses were affected by a computer security breach that year.

The average loss due to computer security incidents during 2006-07 was $2,757 for medium businesses and $17,578 for large businesses. The most commonly reported computer security incident involved viruses and malicious code attacks (64%). Of those businesses affected, 40% reported corruption of hardware or software. The majority of businesses dealt with these incidents internally, with only 8 % reporting them to the police.

Identity fraud is estimated to cost the Australian economy $3 billion each year. Cybercriminals take advantage of people’s use of social networking sites and unsecured wireless networks, hacking into thousands of computers each day. Costs to individuals and businesses in the SME sector can be devastating. Fortunately with some simple precautions your exposure can be minimised.

Some methods of minimising the risk to data security for the small- to medium-enterprise include:

• Employee education and awareness programs
• Make transactions secure - ensure there is a clear delineation of duties which a second person has to approve
• Monitor content going into or out of your network
• Implement acceptable use policies for wireless technology, information technology, and mobile devices (such as which data software is acceptable and what can be stored on a laptop or mobile phone)
• Complete background checks on staff
• Conduct mandatory reporting of misuse and abuse of computer equipment
• Complete a written set of standard operating procedures for technology
• Manage account and password policies

There are also a number of initiatives that aim to assist businesses with computer security in Australia. These were outlined in The Australian Business Assessment of Computer User Security: a national survey by the AIC and include:

• Stay Smart Online: an Australian Government initiative aimed at improving home and small business users’ computer security
• Scamwatch: an Australian Competition and Consumer Commission program that provides information to consumers and small businesses on how to avoid scams, including internet scams
• Australian High Tech Crime Centre: Australia’s national agency for combating high tech crimes
• AusCERT: Australia’s national computer emergency response team
• Stay Safe Online: a national initiative that provides information to consumers and small businesses on avoiding cybercrimes.

Spend the time to take some of these protective measures, as the risks to businesses of all sizes are great and increasing.