Bethany Alvaro 
New research from Optus has pointed out the major gaps and potential risks that small businesses in Australia face when it comes to cyber security and digital threats.
Optus found that 60 per cent do not have any cyber security plan in place, while businesses spend an average of just two hours a month on prevention. One in five devote no time at all.
“Cyber attacks aren’t slowing down – particularly with AI tools, they’re becoming more automated and opportunistic, and small businesses are increasingly being targeted as ‘low-hanging fruit’,” said cyber security expert Karissa Breen.
“While many businesses have basic protections in place, overall security practices aren’t strong enough, leaving gaps [that] attackers can easily exploit.”
Of these small businesses, sole traders were found to be the most at-risk group, with the large majority (79 per cent) reporting having no cyber security response ready, and 38 per cent taking no further action if an incident has previously occurred.
Among businesses that have experienced an attack, nearly a third say the biggest cost is the time and resources required to recover, while 21 per cent report productivity losses caused by system outages and 18 per cent suffer direct financial damage.
Phishing and email scams, unsurprisingly, account for the most incidents at 38 per cent, followed by malware and virus infections, and then hackers impersonating trusted contacts.
“Common vulnerabilities that attackers typically seek out and exploit include reused passwords, browser autofill, and minor password variations,” Breen said.
“Small businesses should adopt strong password hygiene, enforce multifactor authentication, and invest time in cyber awareness training to reduce these risks.”
Optus commissioned this research alongside the launch of its new program seeking to support small businesses in navigating the cyber security space.
The FutureFit program will provide free workshops for small businesses to learn and develop their cyber security skills.
“At Optus, we’re helping by providing personalised, practical plans that cut through the complexity and fit each business’s needs,” said Emma Jensen, executive general manager of small businesses at Optus.
“Cyber resilience doesn’t have to be hard – it just needs to be intentional.”
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.