SMEs urged to act now as cyber threats surge in New Zealand

On the bright side, cyber investments are on the rise

SMEs urged to act now as cyber threats surge in New Zealand

Cyber

By Roxanne Libatique

CERT NZ is calling on businesses across Aotearoa to make cybersecurity a top priority as cyberattacks increasingly target small businesses.

It noted that nearly half of all cyber incidents in New Zealand are aimed at small and medium-sized enterprises (SMEs), with the average cost of a data breach estimated at NZ$173,000.

Despite these risks, the National Cyber Security Centre (NCSC) reported that only 55% of SMEs consider cybersecurity one of their main concerns. Even fewer – less than half – feel sufficiently prepared to deal with a cyber incident.

Cybersecurity readiness of SMEs in New Zealand

The NCSC’s 2024 SME Behaviour Tracker showed that while some businesses have incorporated basic cybersecurity measures, many only act after falling victim to an attack.

The report found that one in three SMEs experienced a cyberattack in the last six months. Of these, 60% implemented new cybersecurity measures following the incident, while fewer than 30% of untargeted businesses made any changes.

In addition, key cybersecurity practices are still lacking across many SMEs. The report noted that 35% of small businesses do not back up their data regularly, and 23% fail to update software consistently, leaving them vulnerable to potential threats.

To help businesses address these challenges, the NCSC has introduced the Own Your Online initiative, which offers free resources and advice on cybersecurity. The platform includes an online assessment tool that provides a customized plan to improve each business’s cyber resilience.

Cybersecurity investments on the rise in Australia and New Zealand

A broader trend in Australia and New Zealand (ANZ) pointed to growing investments in cybersecurity.

A survey by Gartner found that 88% of chief information officers (CIOs) in the region expect cybersecurity to see the largest growth in technology investment by 2025.

This heightened focus is attributed to increasing regulatory demands and the occurrence of high-profile cyberattacks. Along with cybersecurity, other top investment areas include data analytics, cloud computing, and generative artificial intelligence (AI).

Brian Ferreira, vice president of EXP advisory services at Gartner, said that stricter regulations and recent large-scale cyber incidents are prompting organisations to bolster their defences.

“This continues to drive significant focus and investment towards cybersecurity and legal compliance into next year,” he said, as reported by Security Brief.

The findings, based on responses from 109 ANZ CIOs, were presented at the Gartner IT Symposium/Xpo held on the Gold Coast.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!