People as ultimate crime fighters
CPA Australia’s Asia-Pacific Small Business Survey 2024–25 shows that 40 per cent of small businesses lost time and/or money due to a cyber attack in 2024, and 41 per cent expect to be attacked this year. More than 50 per cent reviewed their cybersecurity in the past six months and over two-thirds have used cybersecurity measures in the past 12 months.
Azfar Asa’ad, senior advisor, business, investment and international at CPA Australia, says AI adoption among survey respondents is also expected to increase throughout the year, driving a great need for cybersecurity.
“AI is planned to be the number one investment for most businesses and, as a result, we think they should also look to improve their cybersecurity. As you adopt more advanced technology, the cybersecurity risks increase.”
While technologies like AI are elevating cybersecurity, they also present limitations. For example, while the “good guys” need to apply guardrails around AI, the “bad guys” do not.
“We have compliance obligations — it’s not an untethered ‘switch it on and just let it do its thing’ approach, and that’s where we have to be a little bit more constrained about its use,” says Gonzalez, adding that people within an organisation can pose the greatest cybersecurity weakness and strength.
“Sometimes, scammers call and immediately manipulate you to transact, but more recently we have observed that they might just try to keep you on the line to take a voice recording.”
Tyler Wise FCPA, director of forensic accounting and digital forensics firm Cyberwise, says businesses can’t afford to ignore cyber threats.
“The cybersecurity greatest hits are things like multifactor authentication and strong passwords, but we are also encouraging our clients to think about their data storage,” he says.
“How much data do you really need to keep? For example, if a staff member or a client leaves your business, have you offboarded them entirely so that they’re no longer part of your records? Also, restrict the types of devices that can be used in your business.
I’m a big advocate for not using your own devices at work, because you can’t control what’s going on in them, so make sure you have an awareness of everything that is touching your network and has access to your data.”
Attard advises that organisations view cybersecurity as a “business-wide risk”.
“It’s not purely the IT team’s responsibility,” she says. “Cybersecurity threats are not going to go away. They will continue to evolve as we continue to develop and adopt new technology.
“It’s vital that we consider what’s coming next and how we can adapt our security measures and always remain vigilant.”
Click Here For The Original Source.
