Training and awareness programmes key to battling ever-evolving cyber threats

Cyber security is an issue of global concern and receives heightened focus during periods of geopolitical tension. Yet, the threat is constant and ever-evolving - what should New Zealand businesses be doing right now to address the very real risk that cyber crime poses to us all? 

The sixth annual trans-Tasman BDO and AusCERT Cyber Security Survey has seen a record number of respondents, highlighting just how central a concern cyber security has become to businesses in Oceania.  

Remote working, digitisation and disruption a central focus 

As the COVID-19 pandemic continues, the survey has confirmed that remote working, digitisation and disruption continues to be a central focus for organisations’ cyber efforts. 

Cyber security incidents are increasing in frequency, cost and reputational damage – with already disrupted supply chains and critical infrastructure becoming central targets. Ransomware remains a top threat and efforts by cyber criminals in this area continue to ramp up across the globe. So too do ‘hacktivists’ which account for nearly one-tenth of likely sources attributed to cyber security incidents – a result of the growing understanding of climate change, the global pandemic and regional tensions.  

Over three-quarters of respondents have cyber security training in place 

While the risks continue to evolve, so too do businesses’ defences. There has been an increase in training and awareness programmes among respondents (over 75% have a cyber security training and awareness programme in place), with organisations understanding that the human factor is key to protecting a business.  

Encouragingly there has also been an increase in investment in cyber insurance and cyber threat intelligence, as well as incident response capabilities and dedicated response personnel.  

Data breaches, supply chain risks and ransomware were the most concerning threats for respondents over the next 12 months. 

“Your people are your organisation’s first line of defence against any cyber threat,” explains Chynel James, Chief Technology Officer, BDO New Zealand. “As this year’s report has indicated, this means ensuring you have regular training programmes to help them recognise scams such as fraudulent emails. At BDO, we’ve introduced annual cyber security training for all our people, as well as the integration of simulated cyber threats, including proxy phishing emails, to regularly prompt employee awareness and risk-readiness.  

In addition, enabling multi-factor authentication for access to your email and working environment is an excellent extra line of defence. If you’re wondering where to start, there are great tips from CERT NZ.”  

Read more insights from the 2021 BDO and AusCERT Cyber Security Survey here.

If you’d like to talk more about your business’ cyber risk profile, get in touch with your local BDO office today.