Despite being born into the Internet Age, Gen Z are less aware of common cyber threats yet equally confident in their ability to respond, according to a survey of more than 2000 small business owners and employees by the Council of Small Business Organisations Australia .
With small business owners still grappling to sure-up their cyber defences after a string of high-profile attacks last year, many run the risk of being over-confident in younger people's abilities, with 67% equating tech-savviness with cyber safety skills.
"While it's tempting to get your tech-savvy children or family members to sort out your social accounts or manage your online presence, not being cyber safe could have very real consequences," says Jane Mason, Head of Product, Channels & Risk at small business insurance service BizCover.
"We see many cyber insurance claims made by small businesses each year and it's alarming to see the lack of awareness about the key cyber risks that could lead them to these situations."
Jane Mason, Head of Product, Channels & Risk at BizCover
Jane says some of our most recent and common small business cyber claims have included social engineering (Phishing attacks), human error causing lost data, and ransomware.
The survey found that around only one quarter of Gen Z participants had even heard of the terms Trojan horse attacks, phishing, or ransomware.
Despite the lower ability to identify threats, Gen Z rate their skills to prepare, fight, and respond against a cyber-attack the same as older generations, indicating overconfidence.
The findings also show that GenXers and older Millennials in their 30s were the most likely group to take the risk of a cyber threat impacting their work or business seriously, yet a significant portion still said they were not concerned.
Combatting the risk of cybercrime
There is some hope to combat the risk of cybercrime, with more than half of Gen Z respondents (55%) saying they would be interested in learning safe cyber practices through COSBOA's new Cyber Wardens program launching later this year.
Sponsored by Commonwealth Bank (CBA) and Telstra, the Cyber Wardens program is designed to give crucial cyber skills training for small business owners.
"A good first step is taking stock of who is responsible for your business' cyber protection," COSBOA Chairman Matthew Addison said.
But while implementing best-practice cybersecurity in small business is essential, Jane Mason says sometimes risk prevention is not enough, and businesses need a financial safeguard in place for when things go wrong.
"The data breaches that make the headlines often happen to massive companies that can afford a massive amount of money and resources towards preventing an attack, and yet, cybercriminals still get through," says Mason.
"Small businesses often face much of the same threats but don't have the financial clout or time needed to fight cybercrime and may need to consider cyber insurance to bolster their cyber defense plan."
Cyber Liability Insurance* is one such safeguard designed to help protect small business owners from claims and support them in the event of a cyber breach or attack. Costs associated with defending a cyber claim are also covered.
Policies generally include cover for costs relating to the following:
- Data breaches including theft or loss of client information
- Network security breaches
- Business interruption costs
- Forensic investigation into the cause or scope of a breach
- Data recovery costs
- Cyber extortion
- Crisis management costs (to protect or mitigate damage to your businesses reputation resulting from a cyber event)
- And loss and legal costs, including fines and penalties resulting from a third-party claim for data or network security breach against your company
"Without a Cyber Liability policy, that extensive list may fall on the small business owner, which, for many, that will be too big of a burden to bear," says Mason.
Lessons learned
While it's clear that younger Australians have a long way to go compared to their older counterparts, the COSBOA research suggests that small business owners and employees are ill-prepared for a cyber-attack.
Although there are many resources available for SMEs to improve cybersecurity, the Cyber Wardens program is the first cyber security workplace certification program for the small business sector in Australia and will help small business owners prevent attacks.
And while it's not nice to think about, small businesses will also need to consider what they will do if a data breach does occur.
"We recommend the small business Cyber Incident Response Plan and Readiness Checklist provided by the Australian Cyber Security Centre (ACSC), which gives small business owners a great basis on how to respond to an attack," says Mason.
But if you don't think you can deal with the often costly and reputationally damaging consequences of a cyber-attack, then you may need to consider Cyber Liability insurance."
About us:
ABOUT BIZCOVER
BizCover's founders were troubled by the merry-go-round small businesses had to go on just to get the right insurance cover for their business, so they set out to give small businesses a fair go.
In an industry dominated by big players, time-consuming paperwork, and poor service levels, BizCover's online service boldly disrupted the insurance market by developing a platform that simplifies comparing and buying insurance from some of Australia's leading insurers.