Small businesses are getting a helping hand with their cyber security thanks to a new pilot program.
The program is a joint effort between the Cyber Security Cooperative Research Centre (CSCRC), CyberCX, Data61, and the Australian Cyber Security Centre (ACSC) and will initially focus improving the security of six South Australian small to medium enterprises (SMEs).
CEO of the CSCRC Rachael Falk said SMEs often struggle with the demands of decent cyber security, making them the target of cyber criminals.
“The CSCRC recognises the cost and time pressures SMEs face in bolstering their cyber security and that they need simple, straightforward and cost-effective solutions, which is why this pilot is so important,” she said.
This pilot program will see the partners work hands-on with six South Australian SMEs to strengthen their cyber security over the coming months.
Afterward, the CSCRC hopes to establish a set of common needs across SMEs in order to help government and the Australian cyber security ecosystem better understand how to help SMEs.
Support for SMEs was a pillar of the government’s updated cyber security strategy announced last year as it recognised SMEs “often lack the resources or expertise” to adequately defend themselves against cyber threats.
To that end, it announced some initiatives to support SMEs including grants to help other organisations build programs to support SMEs with cyber development.
Karen Andrews, the Minister for Industry, Science and Technology, said the growth in digital activity caused by COVID-19 has also increased the risk of cyber attacks.
“This pilot will build on our investments across Government to make sure our businesses are safe online, so they can grow and create more jobs for Australians,” she said.
A recent report from US cyber security firm Crowdstrike also found that threat actors are simply becoming faster.
Last year, the average time for attackers to gain entry into an organisation’s systems was just under 4.5 hours – roughly half the average breakout time in 2019.
Crowdstrike also recognised Australia as having a high number of ransomware attacks compared to other nations.
Ransomware attacks can be devastating to small businesses with one Melbourne-based company last year revealing how such an attack cost it around $2 million.
On Monday, the ACSC announced two companies that will be able to deliver its Information Security Registered Assessors Program (IRAP) training: CIT Solutions and the Australian Cyber Collaboration Centre.
ACSC head Abigail Bradshaw said the training will see more people who can assess whether an organisation’s cyber security meets the government’s standards.
“This means more businesses and organisations will be able to access Australian Signals Directorate-endorsed assessors to identify cyber security vulnerabilities, and help implement rigorous Australian Government cyber security standards,” she said.