Cyber crime: why everyone is a potential target

cyber criminalThe estimated value of cyber-crime losses in Australia last year was $3.1 billion. It is estimated that well over 120,000 cyber-crime incidents occurred between January 2021 and December 2022. These statistics are likely underestimated as many instances of cyber crime go unreported.

While the Optus and Medibank breaches steal the headlines, the stark reality is that the overwhelming majority of victims of cyber crime are small and medium-sized businesses. On average, a small business can expect to suffer a $40,000 loss per cyber-crime breach and a medium business can expect an $88,000 loss.

While some businesses may be more susceptible to cyber criminals, the fact remains that everyone is a potential target. It was very recently reported that an earthworks business based in Grafton, New South Wales suffered a $1.2 million loss to cybercrime. Of course, this only reflects the loss of cash from the bank account. It does not take into account the loss of business reputation and the stress suffered by the business owners in dealing with the fallout caused by the attack.

As insurance companies are currently making a loss on their cyber security insurance products, and it is exceptionally difficult for the Australian government to effectively deal with criminal gangs based overseas, it is up to business and individuals to ensure they are cyber aware and cyber secure.

But they don’t have to do it alone. In fact, the community becomes more cyber safe as more people become cyber aware. This is very similar to the concept of ‘herd immunity’ implemented during the COVID pandemic.

Here are some of the ways you and your business can become cyber aware:

  1. Regularly check in at to see the latest cyber-crime alerts. The greater the awareness of the latest trick or scam, the less likely people will fall for it. There is a reason why we don’t see the Nigerian Prince scam anymore!
  2. Train your staff about how to spot potential cyber attacks and what they should do if they encounter a threat. Many cyber attacks rely on exploiting human emotions so that people click links without thinking. Proper training creates learned responses that defuse these potentially dangerous situations.
  3. Make a plan about what to do if a cyber attack occurs. Swift and decisive action in the first hour of an attack can drastically mitigate the financial damage. Having a clear chain-of-command detailed in a plan will allow rapid action. Pre-planned communications with staff and external stakeholders will ensure that any reputational damage from the fallout of an attack can be minimised.

To learn more about cyber crime and get further practical guidance about how to protect your business, please join us on 2 November at 10-11am for our Data Protection and Cyber Security Event


Share This Post


SME feedback sought on carbon emissions reduction support
Small and medium businesses can have their say on support they require to reduce carbon emissions.
Read more »
Green plant growing on coins next to green growth chart.
Federal Government issues first $7b green bond
Australia’s sustainable finance market achieved a major milestone with the Federal Government’s inaugural green bond issuing $7 billion.
Read more »
Workers Compensation changes are almost here – are you ready?
With less than a month to go, employers need to understand their responsibilities under the new Workers Compensation and Injury Management Act 2023.
Read more »