1 00:00:00,520 --> 00:00:09,240 Speaker 1: Today's episode is sponsored by Cyberwardens. My name is doctor 2 00:00:09,280 --> 00:00:12,800 Speaker 1: Amantha Imba. I'm an organizational psychologist and the founder of 3 00:00:12,840 --> 00:00:17,240 Speaker 1: behavioral science Consultancy Inventium. And this is how I work, 4 00:00:17,560 --> 00:00:20,520 Speaker 1: a show about how to help you do your best work. 5 00:00:21,160 --> 00:00:24,280 Speaker 1: If you're a longtime listener of this show, you'll know 6 00:00:24,360 --> 00:00:27,040 Speaker 1: that as well as being a podcast host, I am 7 00:00:27,040 --> 00:00:31,960 Speaker 1: a small business owner of workplace Consultancy Inventium. Today we're 8 00:00:32,040 --> 00:00:34,919 Speaker 1: tackling a topic that might not be as exciting as 9 00:00:35,000 --> 00:00:37,360 Speaker 1: launching a new product or landing a big client, but 10 00:00:37,600 --> 00:00:43,080 Speaker 1: it's just as important cyber security. Now, I know what 11 00:00:43,120 --> 00:00:45,600 Speaker 1: you're thinking, I'm just a small fish in a big pond. 12 00:00:45,680 --> 00:00:49,760 Speaker 1: Why would anyone want to target my business? Well, I've 13 00:00:49,800 --> 00:00:53,040 Speaker 1: got some news for you. Picture this. You're sitting at 14 00:00:53,040 --> 00:00:57,000 Speaker 1: your desk, sipping your morning coffee, when suddenly an email 15 00:00:57,040 --> 00:00:59,960 Speaker 1: pops up from your bank saying there's been suspicious active 16 00:01:00,440 --> 00:01:04,160 Speaker 1: on your account. Your heart sinks as you realize that 17 00:01:04,240 --> 00:01:08,960 Speaker 1: someone has hacked into your business's finances and drained your accounts. 18 00:01:09,760 --> 00:01:12,959 Speaker 1: It sounds like a nightmare, right, Well, this is a 19 00:01:13,000 --> 00:01:17,280 Speaker 1: reality for many small businesses in Australia. In fact, in 20 00:01:17,360 --> 00:01:22,200 Speaker 1: twenty twenty forty three percent of cyber attacks were aimed 21 00:01:22,240 --> 00:01:27,560 Speaker 1: at small to medium businesses. That's almost half, and the 22 00:01:27,600 --> 00:01:30,399 Speaker 1: cost of falling victim to one of these attacks on 23 00:01:30,520 --> 00:01:36,760 Speaker 1: average it's forty six thousand dollars per incident. But here's 24 00:01:36,800 --> 00:01:40,160 Speaker 1: the thing. Many small business owners think they're too small 25 00:01:40,200 --> 00:01:43,160 Speaker 1: to be targeted. They have this it won't happen to 26 00:01:43,240 --> 00:01:47,560 Speaker 1: me mentality that leaves them vulnerable, and trust me, I 27 00:01:47,640 --> 00:01:50,600 Speaker 1: used to think the same way. I was so focused 28 00:01:50,600 --> 00:01:54,080 Speaker 1: on growing my business that cybersecurity was the last thing 29 00:01:54,240 --> 00:01:57,440 Speaker 1: on my mind. But then I heard about a colleague 30 00:01:57,480 --> 00:02:00,200 Speaker 1: of mine who lost everything because of a cyber attack, 31 00:02:00,600 --> 00:02:04,920 Speaker 1: and that was my wake up call. So what exactly 32 00:02:05,200 --> 00:02:09,520 Speaker 1: are these cyber criminals after? Let's dive into the top 33 00:02:09,720 --> 00:02:15,600 Speaker 1: three reported cyber crimes. First up, we've got inbox break ins. 34 00:02:16,240 --> 00:02:18,359 Speaker 1: This is where a hacker gains access to your email 35 00:02:18,400 --> 00:02:21,679 Speaker 1: account and uses it to launch even more damaging attacks. 36 00:02:22,120 --> 00:02:24,280 Speaker 1: It's like they're throwing a party in your inbox and 37 00:02:24,280 --> 00:02:27,760 Speaker 1: you're not invited. They could send out fake invoices to 38 00:02:27,800 --> 00:02:31,239 Speaker 1: your clients, poses you to try and scam your employees, 39 00:02:31,720 --> 00:02:34,320 Speaker 1: or even use your email to hack into other accounts. 40 00:02:34,919 --> 00:02:39,200 Speaker 1: It is a real mess Next on the list are 41 00:02:39,280 --> 00:02:44,280 Speaker 1: fake invoices and payment redirection scams. Imagine this. You receive 42 00:02:44,280 --> 00:02:47,040 Speaker 1: an invoice from a supplier you regularly work with, but 43 00:02:47,120 --> 00:02:50,200 Speaker 1: something seems off. The bank details are different, and the 44 00:02:50,200 --> 00:02:54,240 Speaker 1: email address isn't quite right. Turns out it's a scammer 45 00:02:54,480 --> 00:02:58,000 Speaker 1: trying to trick you into paying them instead of your 46 00:02:58,160 --> 00:03:03,440 Speaker 1: actual supplier. Finally, we've got online banking fraud. This is 47 00:03:03,480 --> 00:03:06,200 Speaker 1: where a cyber criminal gains access to your bank account 48 00:03:06,280 --> 00:03:09,400 Speaker 1: and treats themselves to a virtual shoppings free with your 49 00:03:09,480 --> 00:03:12,880 Speaker 1: hard earned cash. They could drain your account in a 50 00:03:12,880 --> 00:03:15,919 Speaker 1: matter of minutes, leaving you scrambling to pick up the pieces. 51 00:03:16,800 --> 00:03:20,000 Speaker 1: The scary start, right, but don't worry. I've got you back. 52 00:03:20,200 --> 00:03:24,280 Speaker 1: Let's go through five simple tips to help keep you 53 00:03:24,760 --> 00:03:30,720 Speaker 1: and your business safe online. Tip number one use multi 54 00:03:30,720 --> 00:03:34,960 Speaker 1: factor authentification for all services and software that offer it. 55 00:03:35,720 --> 00:03:38,320 Speaker 1: I know it might seem like an extra strip, but 56 00:03:38,520 --> 00:03:43,240 Speaker 1: trust me, it's worth it. Multi factor authentication means that 57 00:03:43,280 --> 00:03:46,120 Speaker 1: even if a hacker gets the hands on your password, 58 00:03:46,480 --> 00:03:48,880 Speaker 1: they won't be able to log in without access to 59 00:03:48,920 --> 00:03:52,080 Speaker 1: your phone or another device. It's kind of like having 60 00:03:52,080 --> 00:03:55,280 Speaker 1: a bouncer at the door. Of your online accounts, checking 61 00:03:55,320 --> 00:04:00,920 Speaker 1: IDs before letting anyone in Tip number two. Every six months, 62 00:04:01,040 --> 00:04:04,840 Speaker 1: take some time to review the permissions on software where 63 00:04:04,880 --> 00:04:07,840 Speaker 1: several people on your team have access. This could be 64 00:04:07,920 --> 00:04:11,560 Speaker 1: anything from file sharing services like Dropbox or Google Drive, 65 00:04:11,840 --> 00:04:16,400 Speaker 1: to social media accounts or marketing and CRM software. Ask yourself, 66 00:04:16,600 --> 00:04:20,440 Speaker 1: what permissions do people need to do their job? Chances 67 00:04:20,480 --> 00:04:24,920 Speaker 1: are not everyone needs to be an admin. And here's 68 00:04:24,920 --> 00:04:27,880 Speaker 1: the thing. People come and go from companies all the time. 69 00:04:28,440 --> 00:04:31,800 Speaker 1: If someone leaves or changes roles and you forget to 70 00:04:31,800 --> 00:04:36,440 Speaker 1: remove their access, that's a potential security risk. It's like 71 00:04:36,560 --> 00:04:39,119 Speaker 1: giving a set of keys to your office to someone 72 00:04:39,160 --> 00:04:42,279 Speaker 1: who no longer works for you. You wouldn't do that 73 00:04:42,360 --> 00:04:44,800 Speaker 1: in the physical world, so why do it in the 74 00:04:44,800 --> 00:04:51,000 Speaker 1: digital world. That brings me to tip number three. Create 75 00:04:51,080 --> 00:04:55,520 Speaker 1: a leaving company procedure. This is essentially a checklist of 76 00:04:55,600 --> 00:04:58,520 Speaker 1: all the different services and software that someone had access 77 00:04:58,560 --> 00:05:02,520 Speaker 1: to so you can remove their permissions accordingly. It's like 78 00:05:02,560 --> 00:05:06,360 Speaker 1: a digital exit interview, and trust me, it's much easier 79 00:05:06,400 --> 00:05:08,920 Speaker 1: to do this as soon as someone leaves, rather than 80 00:05:08,960 --> 00:05:14,520 Speaker 1: trying to track everything down months later. Tip number four. 81 00:05:15,040 --> 00:05:19,400 Speaker 1: Back up your data. This is critical for cybersecurity, because 82 00:05:19,560 --> 00:05:22,000 Speaker 1: if you do fall victim to an attack, you could 83 00:05:22,080 --> 00:05:26,559 Speaker 1: lose everything. Make sure to regularly back up important data 84 00:05:26,640 --> 00:05:30,440 Speaker 1: and files to an external hard drive or cloud storage service. 85 00:05:30,920 --> 00:05:34,560 Speaker 1: It's like having a spare key to your digital office. 86 00:05:34,760 --> 00:05:37,120 Speaker 1: And don't just back up once and call it a day. 87 00:05:37,920 --> 00:05:40,920 Speaker 1: Do it regularly at least once a week, if not more. 88 00:05:41,560 --> 00:05:43,960 Speaker 1: That way, if something does happen, you can get back 89 00:05:44,000 --> 00:05:48,480 Speaker 1: up and running quickly without losing too much. I personally 90 00:05:48,560 --> 00:05:52,320 Speaker 1: at Inventium do a double backup. All our data automatically 91 00:05:52,320 --> 00:05:55,760 Speaker 1: saves to a cloud storage service, but I also manually 92 00:05:55,800 --> 00:05:59,960 Speaker 1: back up data regularly to an external hard drive. Finally, 93 00:06:00,400 --> 00:06:04,080 Speaker 1: tip number five, educate your team on what phishing is 94 00:06:04,480 --> 00:06:06,960 Speaker 1: and I'm obviously not talking about the activity you do 95 00:06:07,040 --> 00:06:10,080 Speaker 1: out on a link and now with phishing, set a 96 00:06:10,160 --> 00:06:14,600 Speaker 1: rule to not click links in external emails. Phishing is 97 00:06:14,640 --> 00:06:16,960 Speaker 1: when a scammer tries to trick you into giving up 98 00:06:17,000 --> 00:06:21,760 Speaker 1: sensitive information like log in credentials or financial details by 99 00:06:21,800 --> 00:06:26,000 Speaker 1: posing as a legitimate company or person. They might send 100 00:06:26,040 --> 00:06:28,400 Speaker 1: you an email that looks like it's from your bank, 101 00:06:28,520 --> 00:06:31,360 Speaker 1: asking you to click a link to update your account information. 102 00:06:31,800 --> 00:06:33,680 Speaker 1: But when you click that link, it takes you to 103 00:06:33,720 --> 00:06:38,440 Speaker 1: a fake website designed to steal your information. The best 104 00:06:38,480 --> 00:06:41,400 Speaker 1: way to prevent falling for these scams is to simply 105 00:06:41,480 --> 00:06:45,760 Speaker 1: not click links in external emails. Instead, go directly to 106 00:06:45,800 --> 00:06:49,320 Speaker 1: the website yourself. If you get an email from your bank, 107 00:06:49,640 --> 00:06:52,080 Speaker 1: open up a new browser window and type in the 108 00:06:52,400 --> 00:06:56,640 Speaker 1: URL yourself. Yes, it takes a few extra seconds, but 109 00:06:56,839 --> 00:07:00,760 Speaker 1: it could save you a world of trouble at the 110 00:07:00,839 --> 00:07:03,760 Speaker 1: end of the day. Cybersecurity is a lot like insurance. 111 00:07:04,320 --> 00:07:06,800 Speaker 1: You hope you never have to use it, but you're 112 00:07:06,880 --> 00:07:09,840 Speaker 1: sure glad you have it when you need it. So 113 00:07:09,960 --> 00:07:12,680 Speaker 1: take a few minutes each week to check in on 114 00:07:12,760 --> 00:07:16,280 Speaker 1: your online security habits and make sure you're doing everything 115 00:07:16,320 --> 00:07:20,400 Speaker 1: you can to protect your business. Your future self will 116 00:07:20,480 --> 00:07:23,680 Speaker 1: thank you. Thank you for sharing part of your day 117 00:07:23,760 --> 00:07:26,440 Speaker 1: with me by listening to how I work. If you're 118 00:07:26,600 --> 00:07:29,239 Speaker 1: keen for more tips on how to work better, connect 119 00:07:29,240 --> 00:07:33,160 Speaker 1: with me via LinkedIn or Instagram. I'm very easy to find. 120 00:07:33,560 --> 00:07:35,440 Speaker 1: Just search for Amantha Imba