Taking the time to reflect on your organisation’s cyber risk profile

October is Cyber Security awareness month. With a rise in high-profile cyber attacks across Aotearoa in the past year, we want to make sure you have access to the right information to make informed decisions about your company’s cyber risk.

Our annual BDO and AusCERT Cyber Security survey identifies the biggest threats facing organisations across New Zealand and Australia, as well as highlighting what companies can do about them.

Last year’s Cyber Security Survey showed how cyber threats are evolving. Organisations were overconfident in their cyber controls and data breaches doubled - with an increase in breaches caused by malicious hacking and accidental disclosures by staff. It also highlighted the increase in foreign interference, and showed that many business owners are making cyber integral to their business strategy – it’s not ‘just an IT issue” anymore.

We know SMEs owners have it tough – you’ve got a million and one things to worry about, and it’s really hard to find the time required to research cyber trends and keep your business safe. But you also know that you still need to keep it safe – which is why we’re keen to get your thoughts on what you see as the greatest cyber issues facing your organisation for this year’s cyber survey.

This is an excellent opportunity to take 10 minutes and reflect on your company’s cyber risk profile by answering targeted questions that will give you a better understanding of where you can improve your own organisation’s cyber defences.

By taking part, you will gain access to valuable data, allowing you to benchmark your organisation’s cyber security efforts and gain insights into the cyber threats faced by your industry peers. The survey closes at midnight on Friday, 3 December 2021.


Staff awareness remains the single biggest risk factor

Chynel James, Chief Technology Officer at BDO in New Zealand, said that even since the last Cyber Security survey was released in 2020, the risk profile has changed, and staff awareness remains the single biggest issue for companies in New Zealand:

“Staff awareness has become even more important now that so many of us are working from home. Text phishing scams are increasingly widespread, and are being used against companies already strained from covid. During lockdowns it’s harder for people to check whether an email or text is legitimate, they may not be in as close contact with their colleagues as usual, and they’re also stressed with lower attention to detail – all of which makes it much easier for a phishing scam to be successful.”

Increasing education among staff - making it a year-round activity rather than just something you do at onboarding - is essential for keeping your systems secure. So is enabling multi-factor authentication, ensuring updates are installed on all devices, and sending out regular internal comms about new scams so people know what to recognise are all actions you can take to reduce your cyber risk.

If you have questions about your organisation’s cyber risk profile, contact your local BDO adviser, who can put you in touch with the right people to help keep your business safe.