It is a common phrase for insurance brokers and underwriters of cyber liability insurance to hear: “It can’t happen to me, we are just a small business”. The reality couldn’t be further from the truth.

A Cisco report published earlier this year predicted that the number of mobile devices (smartphones, tablets, laptops and other internet-enabled phones) accessing the internet will outnumber humans on the planet by the end of the year. The alarming growth in mobile devices, in conjunction with inadequate security systems on these devices, continues to fuel the burgeoning industry of cyber crime.

You can pick up any paper in any country around the world today and read headlines of the most recent cyber attack. The figures are usually quite alarming and the companies involved will often be among the most well known in the corporate world today. What are harder to find are stories on small businesses being targeted by cyber criminals; whilst they may be harder to find, it doesn’t mean it isn’t happening.

Symantec’s Internet Security Threat Report (Volume 18), released in April 2013, highlighted a jump in attacks involving small businesses to 31 percent of all attacks in 2012, up from 18 percent in the prior year. The report highlighted small business as a ‘soft target’ because stretched resources placed little, if any, focus on cyber security. This was particularly the case with new start-up entities.

To highlight the increasing trend of small business being targeted, the Australian Federal Police announced in November 2012 that they had uncovered the largest identity theft ever perpetrated in Australia. The Romanian gang responsible for the theft stole more than 500,000 credit card records from service stations and small retail outlets. The records were used to create counterfeit credit cards which were used in fraudulent transactions worth more than US$31m.

Jul-Sep 2013 Issue

AIG Australia