For many small business owners, getting online has been essential to growth. From websites and booking systems to cloud accounting and digital payments, technology now underpins how businesses operate and connect with customers.
But that reliance also creates new risks. Increasingly, cyber criminals are targeting small to medium-sized businesses through everyday digital tools like email, websites and online payments. Often, it’s because they assume these smaller organisations have fewer protections in place.
And for many women small business owners, digital safety often sits low on the priority list. In a recent survey by the Australian Cyber Security Centre, almost half of small to medium businesses rated their understanding of cybersecurity as ‘average’ or ‘below average’, and reported having poor cybersecurity practices.
The good news is that improving your cybersecurity doesn’t have to mean expensive systems or complex technical knowledge.
According to the CEO of the Australian Women in Security Network, Jacqui Loustau, who works closely with small businesses on cybersecurity, making a few key changes can make a big difference for women looking to protect their business, data and customers.
‘It’s the core of business’
With so much of business happening online, taking the time to learn and upskill on digital safety is a necessity for small business owners, Loustau says.
“The majority of businesses now have a website, they have email, they communicate with their customers digitally. And so, there's a lot of reliance on technology and the digital world,” Loustau tells Women’s Agenda.
“When it comes to digital safety, it's the core of the business. [Business owners] can't pay their bills without using technology, and a lot of their customer data is stored digitally.”
Loustau says digital safety is about the small steps you can take as a business owner to keep your customer and financial data, and intellectual property safe.
“We work with quite a few small businesses, and a lot of the time they just don't know what they need to do,” Loustau says. “They hear about all these scary stories in the news, and they don't know where to start and what to do.”
So what can a cyber threat look like?
As Loustau explains, some of the most common cyber threats can seem harmless in the first instance.
Maybe it’s a supplier asking you to update their bank details. A customer inquiry with an attachment, or an urgent message from your “boss” asking you to pay an invoice.
One of Loustau’s key pieces of advice is to never be embarrassed to double check if something doesn’t feel right. Business owners should be leading the way in creating a culture where staff feel comfortable asking, “Does this look legitimate?”
“As a society, we need to not be afraid to ask and double check,” Loustau says.
Key scams business owners need to know about
Invoice fraud and email compromise
This is one of the biggest threats facing small businesses right now. Cyber criminals send emails pretending to be a supplier or contractor claiming they've changed their bank account details and asking you to pay to a new account.
"They follow the money," says Loustau. "They're preying on the fact that you may not check bank account details when somebody is changing them."