Provide regular and detailed cyber security awareness sessions for your staff. These can be conducted via e-learning modules, videos or virtual or physical meetings.

Collard says the biggest issue around cyber security is humans, not machines.

"Behaviour has a lot to do with that,” he says.

“It is one thing being trained and being competent with your email, it’s another to believe fundamentally why you’re doing it. You are not doing it to pay lip service – you are doing it because you could very well be compromised.

“At one point in time you will be compromised, and it could be in ways you don’t know.”

Having a strong password, changing it regularly, using a password manager and two-factor authentication can help prevent cyber attacks.

Password managers, such as 1password or Zoho, allow you to securely house your passwords without needing to remember them.

The software encrypts your passwords by only retrieving a partial version, which can be accessed using a pin code.

It is important not to have the same password across different logins, and having a tool to manage your passwords eliminates the need to remember multiple passwords.

Two-factor authentication strengthens the security of your networks and makes it harder for hackers to gain access to your information by requiring them to overcome two hurdles.

Tools like Google Authenticator ask users to protect their passwords with a passcode, fingerprint or security key.

Privilege access should be reserved for a select few and should run separately to users’ individual accounts.

Business owners who provide administrator access to their entire staff may save time in the short term, but it leaves the organisation exposed to devastating cyber attacks.

Collard explains that hackers can infiltrate computer systems without a user’s knowledge if that person is logged in with administrator privileges.

“Malicious payloads are easier to execute if you are logged into a computer with administrative privileges,” he said.

A payload is described as the component of software that can cause harm to the victim.

Instead, provide the login details to a few people within your organisation, who can use them to download trusted links or software.

According to data safety website DataProt, 560,000 new pieces of malware are detected worldwide every day.

Software updates often contain critical patches to security holes the perpetrators of cyber crime expose, therefore it is crucial to keep your software up to date.

Stefan Prandl, Chief Technology Officer at WA cyber security start-up Hyprfire, explains that businesses often say, “why would anyone care to attack us?” or “who are these people and why do they have so much time on their hands?”.

“These questions come from a place of misunderstanding,” Prandl says.

“The growth of computers in the world has been at least evenly matched by the growth of cyber criminals. Many of these earn their living from their criminal activities."

Prandl says every mistake in code that developers make represents an earning opportunity, "allowing attackers to hit as many companies as possible before the 'demand' dries up – that is, it gets fixed and your IT team patches it.”

He adds that security engineers, malicious scripters, and even scientists hunt for these opportunities in the same way businesses hunt for market opportunities, and for the same reasons – commercial gain and reputation.

“The only way to get out of the target market for an attacker is to know what software is on your systems, and to keep them up to date," he says.

Anti-virus software should be regularly updated.

Even if you take all the measures to prevent a cyber attack, there is still a likelihood your business could be hit.

Prandl says businesses should prepare for a breach assuming they will be breached.

“Attackers are very persistent, very smart, and have all the benefits of automation that we enjoy in 2021," he says.

“The most advanced defence strategies assume that the breach has already happened, and look for threats proactively all the time.”

Equipping your business to respond to such an event will empower you to keep your business running smoothly while handling a security breach.

Collard suggests:

• establishing the important functions that keep your business running and have contingencies in place to protect those;
• consider what is valuable for you to operate such as payroll, employee records and intellectual property;
• document those records and find a way to operate if that information is lost, including back-ups or spare equipment; and
• create a disaster recovery plan that includes storing valuable information off site and is supported by a business continuity plan.