Most NZ companies do not record being hacked
Most Kiwi companies do not record being hacked FintechNZ says, despite Cert NZ’s latest report showing almost 1000 New Zealanders reported hacking issues in the last quarter.
The Cert NZ report shows New Zealanders from Invercargill to the Bay of Islands suffered cyber security incidents, with the most common account types that attackers gained access to were cloud services and email accounts.
Cert NZ received 992 reports of unauthorised access in the latest quarter involving business and personal email accounts.
FintechNZ general manager James Brown says it is positive for New Zealand to see about 1000 incidents of cyber being reported to Cert NZ, however the bigger question is how many are not being reported.
“We know that only six percent of Kiwi companies have adequate protection,” he says.
“We also know that there are some fundamental basics that a company can put in place with no or minimal cost.
“People and staff still pose a great risk, so cyber security issues need to be high on the management agenda.
“About 90 percent of New Zealand businesses are small to medium enterprises so what would the impact be to them and the economy if more incidents happened?
“We know that cyber incidents cost New Zealand about $1.7 million in the last quarter and phishing made up 45 percent of all incidents reported.
“But that’s only the ones that have been recorded. Not every business wants to advertise they have been hacked for obvious reasons.
“Unitec are developing a product to help combat these issues and we are keen to do a national roadshow to help educate companies to protect themselves with some simple steps.”
Brown says small steps can be taken to minimise the impact of a cyberattack in New Zealand.
Some basic actions should be put in place straight away. Companies should install, use and regularly update antivirus and antispyware software on every computer used in their business and keep it updated.
They should use a firewall for their internet connection and make backup copies of important business data and information – and back up often, he says.
“Businesses must control physical access to their computers and network components and secure their wi-fi networks. Companies should make sure their employees only have access to the data they work with and they should all regularly change passwords.”