New Data Reveals Up to 309,000 Australian small businesses say they’ve been targeted by cyberattacks, yet many are forced to cut cybersecurity costs
Mastercard partners with 18-year-old ethical hacker to create Cyber Secure in 60 Seconds, a ten-part content series containing simple, low cost and actionable insights for small businesses
A new study commissioned by Mastercard has unveiled the eye-opening scope of cyber-attacks among Australia’s small business leaders, with 309,000 saying they have experienced cybersecurity issues. Of those impacted, 33% claim they experienced financial losses as a result.
Despite an increase in cybercrime reports in the last year1, 31% of small business leaders have been forced to make cuts to cybersecurity due to rising cost pressures, with 63% claiming they are actively trying to scale down business costs amidst the cost-of-living crisis.
With consumer spending declining2, small business leaders are laser focused on revenue-driving activity such as customer acquisition (62%), client relationships (60%) and growth (54%) before cybersecurity (22%), with the latter being cited as their lowest priority. While over half (52%) worry about the risk of attacks, 52% also say it is too costly for them to invest in cybersecurity.
“There are so many priorities when it comes to running a small business. Cybersecurity is definitely a consideration, however it isn’t necessarily top of mind day-to-day, especially as the rest of our operating costs continue to increase,” said Sina Klug, owner of Sydney-based gluten free cake shop, Nutie Donuts.
According to the research, cost is the primary barrier to small businesses exploring their cybersecurity options (47%), with time (31%), lack of knowledge of the solutions available (30%) and the threats in existence (24%) also high on the list. In fact, 66% of small business owners say they would make more of an effort to put security features in place if they were aware of all the cybersecurity risks, while 68% feel they would benefit from simple cybersecurity resources to get them started.
Enter Jackson Henry, a 18-year-old ethical hacker who rose to fame in 2021 after identifying a vulnerability in the United Nation’s systems that would have exposed over 100,000 personally identifiable records. Mastercard has teamed up with the Australian HSC student to educate small businesses on common cybersecurity vulnerabilities and arm them with easy to understand, actionable insights to better secure their systems.
Cyber Secure in 60 Seconds
The 10-part series, available from today on Mastercard’s YouTube and social channels, aims to empower small business owners to take action when it comes to cybersecurity.
“I’ve worked with businesses of all sizes, all around the world, and the pitfalls are relatively similar across the board. However for small businesses, they often don’t know where to start, and lack the time, resources and budget of larger organisations, making it difficult for them to upskill in an area which is table stakes for businesses big and small,” said Henry.
The series covers 10 of the most common vulnerabilities a bad actor may seek to exploit, along with clear, cost-effective and achievable actions business owners can take to safeguard themselves, including:
- Educating and training employees
- Using strong, unique passwords
- Implementing multi-factor authentication
- Updating software regularly
- Using anti-virus software
- Limiting access rights
- Backing up data securely and regularly
- Exercising caution against phishing
- Enhancing email filtering
- Developing a cybersecurity policy and incident response plan
“Small businesses are the backbone of communities and make economies stronger. As data breaches and cyber crime pose real financial and reputational risks, it’s more important than ever for small business owners to educate themselves on cybersecurity. While the research suggests the large majority (67%) are taking some kind of action to protect their businesses, tackling the issue can often feel a little like trying to boil the ocean,” said Malika Sathi, Vice President, Cyber & Intelligence Solutions and Digital Identity, Australasia at Mastercard.
“As an ethical hacker, Jackson provides unique and incredibly impactful insight into the vulnerabilities a small business may face. In partnering with him, Mastercard hopes to arm business owners with a clear way to tackle the problem that doesn’t have to be complex or expensive,” Sathi concludes.
Ethically Hacking a Small Business
To demonstrate the importance of good cyber hygiene, Henry worked with Sina Klug at Nutie Donuts to demonstrate how a bad actor may attempt to gain access to their systems.
“Nutie Donuts had a lot of best practice measures in place, including awareness of phishing and employee training. However, I identified three key flaws in their current security protocol: lack of two-factor authentication, using common passwords and the same WiFi network for both public and business matters, that could have been exploited by someone who knew what they were doing,” said Henry.
“As a cake shop my business is relatively low risk when it comes to cyber attacks, but it was a real eye opener to see the gaps in our defences that I would have otherwise had no idea existed,” said Klug.
Both in Australia and around the world, Mastercard is committed to protecting small businesses against payment fraud, making payments safer for merchants and their customers. For more information on how your small business can leverage the latest cyber and payment security technology, visit Mastercard’s Trust Center (www.mastercard.com/trustcenter).
About Jackson Henry
Jackson is an ethical hacker who has a range of experience in penetration testing and cyber security. Jackson's findings in the United Nations Vulnerability Disclosure Program led him to gain access to 100,000 employee records and is his most notable achievement that showcases his ability and skill. He has also performed a range of security research across other organisations such as Harvard University, The US State Department, Ford Motor Company and The European Union.
About the research
The research was commissioned by Mastercard and Eleven PR and conducted by Lonergan Research in accordance with the ISO 20252 standard. Lonergan Research surveyed 1,007 Australians 18+ (502 Small Business Leaders and 505 Small Business Employees). Surveys were distributed throughout Australia including both capital city and non-capital city areas. The survey was conducted online amongst members of a permission-based panel, between 14/09/2023 and 25/09/2023. After interviewing, data was weighted to the latest population estimates sourced from the Australian Bureau of Statistics.
About Mastercard (NYSE: MA) www.mastercard.com
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.