A new cyber health check program is being set up for small and medium businesses, allowing them to undertake a free assessment of their security measures.

Home Affairs Minister Clare O’Neil says cyber issues are a growing risk for all businesses and can have a particularly magnified effect on smaller organisations.

Australia experiences about 94,000 cyber attacks a year, costing small businesses $46,000 each on average.

“For a small business, a cyber incident can be fatal – it can mean shutting up shop that very day,” Ms O’Neil said.

“Small businesses today do not have the advice and support they need and do not have the resources to properly manage this problem.”

The federal government will spend $7.2 million to offer the voluntary program as part of its Australian Cyber Security Strategy, which spans from 2023 to 2030.

Businesses will be able to access education materials in order to upskill their employees and boost cyber security.

Those that carry a higher risk will also be able to access a more sophisticated, third-party assessment.

A further $11 million will go towards the small business cyber resilience service which provides one-on-one assistance to help Australia’s 2.5 million small businesses navigate challenges, including recovering from attacks.

Ms O’Neil says the cyber security strategy would help Australia become “a world-leading cyber secure and resilient nation by 2030”.

“We understand the challenges small businesses face in the complex world of cyber security but they are not on their own,” she said.

“(The strategy) will make sure the support is available to help them understand and improve their own cyber security.”

Small Business Minister Julie Collins said the fact 97 per cent of Australian businesses were small operators meant they were the foundation of the digital economy.

“That’s why the Albanese government will continue to put them at the centre of our efforts to tackle cyber security threats and help uplift their cyber capabilities to create a stronger Australia,” she said.

The cyber strategy is underpinned by six so-called ‘cyber shields’, which will boost protections for businesses and help them recover quicker when they do suffer an attack.

The Australian Small Business and Family Enterprise Ombudsman Bruce Billson has applauded the measures.

“Some never recover from the assault on their operations and their reputation and today’s announcement offers practical help to minimise the chance of being a victim and better prepare small businesses to bounce back,” Mr Billson said.

The most common type of cyber attack occurs when criminals tap into business email systems, intercept an invoice and change the bank details.

Unsuspecting customers generally settle the account and that money goes straight to the perpetrators.

Some of the easiest ways to avoid attacks are to implement multi-factor authentication and stronger passwords, Mr Billson said.

 

Dominic Giannini and Kat Wong
(Australian Associated Press)