Series helps business owners grasp cybersecurity
New data reveals up to 132,000 Kiwi small business leaders have been targeted by cyberattacks. Now there’s a ten-part content series containing simple, low-cost insights for businesses to take action. A new study commissioned by Mastercard has unveiled the eye-opening scope of cyber-attacks among New Zealand’s small business leaders; up to 132,000 have experienced cybersecurity […]
New data reveals up to 132,000 Kiwi small business leaders have been targeted by cyberattacks. Now there’s a ten-part content series containing simple, low-cost insights for businesses to take action.
A new study commissioned by Mastercard has unveiled the eye-opening scope of cyber-attacks among New Zealand’s small business leaders; up to 132,000 have experienced cybersecurity issues. Of those impacted, 29% claim they experienced financial losses as a result.
Despite an increase in cybercrime reports last year1, over a quarter (27%) of small businesses have been forced to make cuts to cybersecurity due to rising cost pressures, with 64% claiming they are actively trying to scale down business costs amidst the cost-of-living crisis.
With consumer spending declining2, small business leaders are laser focused on revenue-driving activity such as customer acquisition (72%), client relationships (60%) and growth (53%) before cyber security (18%), with the latter being cited as their lowest priority.
While over half (51%) worry about the risk of attacks, 54% also say it is too costly for them to invest in cybersecurity.
According to the research, cost is the primary barrier to small businesses exploring their cybersecurity options (51%), with lack of knowledge on the solutions available (34%), the threats in existence (28%) and resources (26%) also high on the list. In fact, 67% of small business owners say they would make more of an effort to put security features in place if they were aware of all the cyber security risks, while 65% feel they would benefit from simple cybersecurity resources to get them started.
Enter Jackson Henry, a 17-year-old ethical hacker who rose to fame in 2021 after identifying a vulnerability in the United Nation’s systems that would have exposed over 100,000 personally identifiable records. Mastercard has teamed up with Jackson to educate small businesses in New Zealand and around the world on common cyber security vulnerabilities and arm them with easy to understand, actionable insights to better secure their systems.
Cyber Secure in 60 Seconds
“I’ve worked with businesses of all sizes, all around the world, and the pitfalls are relatively similar across the board,” says Henry. “However, for small businesses, they often don’t know where to start, and lack the time, resources and budget of larger organisations, making it difficult for them to upskill in an area which is table stakes for businesses big and small.”
The series covers ten of the most common vulnerabilities a bad actor may seek to expose, along with clear, cost-effective and achievable actions business owners can take to safeguard themselves, including:
“Small businesses are the backbone of our communities here in New Zealand, but as they continue to focus on post-pandemic recovery and growth, tackling cybersecurity may often feel like a big fish to fry,” said Ruth Riviere, Country Manager for New Zealand and Pacific Islands at Mastercard.
“We’re committed to arming small business owners with the tools and knowledge they need to keep themselves and their customers safe and protected. The data reinforces the urgent need for business owners in Aotearoa to upskill and educate themselves and their staff, and as an ethical hacker Jackson brings a unique and impactful perspective to tackling the issue.”
Ethically hacking a small business
To demonstrate the importance of small business owners educating themselves on cyber security, Henry worked with a small business to demonstrate how a bad actor may attempt to gain access to their systems. “Nutie Donuts had a lot of best practice measures in place including awareness of phishing and employee training. However, I identified three key flaws in their current security protocol: lack of two-factor authentication, using common passwords and the same WiFi network for both public and business matters, that could have been exploited by someone who knew what they were doing,” he says.