Series helps business owners grasp cybersecurity

New data reveals up to 132,000 Kiwi small business leaders have been targeted by cyberattacks. Now there’s a ten-part content series containing simple, low-cost insights for businesses to take action.

A new study commissioned by Mastercard has unveiled the eye-opening scope of cyber-attacks among New Zealand’s small business leaders; up to 132,000 have experienced cybersecurity issues. Of those impacted, 29% claim they experienced financial losses as a result.

Despite an increase in cybercrime reports last year¹, over a quarter (27%) of small businesses have been forced to make cuts to cybersecurity due to rising cost pressures, with 64% claiming they are actively trying to scale down business costs amidst the cost-of-living crisis.

With consumer spending declining², small business leaders are laser focused on revenue-driving activity such as customer acquisition (72%), client relationships (60%) and growth (53%) before cyber security (18%), with the latter being cited as their lowest priority.

While over half (51%) worry about the risk of attacks, 54% also say it is too costly for them to invest in cybersecurity. 

According to the research, cost is the primary barrier to small businesses exploring their cybersecurity options (51%), with lack of knowledge on the solutions available (34%), the threats in existence (28%) and resources (26%) also high on the list. In fact, 67% of small business owners say they would make more of an effort to put security features in place if they were aware of all the cyber security risks, while 65% feel they would benefit from simple cybersecurity resources to get them started.

Enter Jackson Henry, a 17-year-old ethical hacker who rose to fame in 2021 after identifying a vulnerability in the United Nation’s systems that would have exposed over 100,000 personally identifiable records. Mastercard has teamed up with Jackson to educate small businesses in New Zealand and around the world on common cyber security vulnerabilities and arm them with easy to understand, actionable insights to better secure their systems. 

Cyber Secure in 60 Seconds

The ten-part series ‘Cyber Secure in 60 Seconds’ is available on Mastercard’s YouTube and Instagram channels and aims to empower small business owners to take action when it comes to cyber security. 

“I’ve worked with businesses of all sizes, all around the world, and the pitfalls are relatively similar across the board,” says Henry. “However, for small businesses, they often don’t know where to start, and lack the time, resources and budget of larger organisations, making it difficult for them to upskill in an area which is table stakes for businesses big and small.”   

The series covers ten of the most common vulnerabilities a bad actor may seek to expose, along with clear, cost-effective and achievable actions business owners can take to safeguard themselves, including: 

1. Educating and training your employees

2. Using strong, unique passwords

3. Implementing multi-factor authentication

4. Updating software regularly 

5. Using Anti-virus software

6. Limiting access rights

7. Backing up data securely and regularly 

8. Exercising caution against phishing 

9. Enhancing your email filtering 

10. Developing a Cyber Security Policy and Incident Response Plan

“Small businesses are the backbone of our communities here in New Zealand, but as they continue to focus on post-pandemic recovery and growth, tackling cybersecurity may often feel like a big fish to fry,” said Ruth Riviere, Country Manager for New Zealand and Pacific Islands at Mastercard.  

“We’re committed to arming small business owners with the tools and knowledge they need to keep themselves and their customers safe and protected. The data reinforces the urgent need for business owners in Aotearoa to upskill and educate themselves and their staff, and as an ethical hacker Jackson brings a unique and impactful perspective to tackling the issue.”

​Ethically hacking a small business

To demonstrate the importance of small business owners educating themselves on cyber security, Henry worked with a small business to demonstrate how a bad actor may attempt to gain access to their systems. “Nutie Donuts had a lot of best practice measures in place including awareness of phishing and employee training. However, I identified three key flaws in their current security protocol: lack of two-factor authentication, using common passwords and the same WiFi network for both public and business matters, that could have been exploited by someone who knew what they were doing,” he says.  

For more information on how your small business can leverage the latest cyber and payment security technology, visit Mastercard’s Trust Center (www.mastercard.com/trustcenter).