Create a free account, or log in

Your IT systems are the weakest link: Security expert warns on corporate sabotage

For many small businesses, a sense of complacency is the biggest hurdle to overcome with technological security. But Mat Hannan, a lead partner in technological risk services at BDO, has a warning. โ€œSMEs need to stop thinking it wonโ€™t happen to them,โ€ he tells SmartCompany. He and his team are seeing more and more SMEs […]
Myriam Robin
Myriam Robin

For many small businesses, a sense of complacency is the biggest hurdle to overcome with technological security.

But Mat Hannan, a lead partner in technological risk services at BDO, has a warning. โ€œSMEs need to stop thinking it wonโ€™t happen to them,โ€ he tells SmartCompany.

He and his team are seeing more and more SMEs come under attack. These attacks are increasingly mature, and increasingly committed for commercial gain, he says.

โ€œItโ€™s old crimes being committed in new ways,โ€ he says. โ€œThings like extortion, fraud and misappropriation of funds are a huge issue.

โ€œThereโ€™s a continued risk of internal fraud. And as for external attacks, the threat has always been there, but such attacks are more easily perpetrated now.โ€

Small businesses doing things in new and innovative ways are at particular risk, he says. โ€œOften, small businesses and start-ups have extremely valuable intellectual property. But often, their security systems arenโ€™t up to scratch and that property isnโ€™t protected by patents. So theyโ€™re an easy target for corporate sabotage and theft.โ€

SMEs need to take the threat more seriously, Hannan says. And the first thing to do is to become familiar with the Defence Signals Directorate website.

โ€œTheir website publishes lots of notes for small businesses to help them keep abreast of the risks, and itโ€™s continually updated,โ€ he says. โ€œItโ€™s an easy place to start.โ€

โ€œApart from that, itโ€™s important to regularly patch your systems, as software providers will close security loopholes as they find them and issue that as an update. Itโ€™s also important to be constantly reviewing your access privileges.

โ€œPeople think theyโ€™re small, so theyโ€™re not going to be a target. Thatโ€™s not the case.โ€

If you suspect your business has been attacked, Hannan recommends a careful approach.

โ€œA trusted adviser in the IT space is a good place to start.

โ€œThe thing to be aware of is that you donโ€™t want to destroy evidence that may lead to the capture of whoever is responsible. Even turning on a computer might destroy the evidence that can be obtained through a forensic investigation.โ€

The local police are a good point of contact, and for larger breaches, it can even be worth going to the Australian Federal Police.