the adviser logo

SMEs faced with the ‘biggest’ cyber risk: NAB

by Adrian Suljanovic11 minute read

Research from the major bank has highlighted concerns over the preparedness of Australia’s small businesses against cyber attacks.

NAB’s Consumer and Business Insights report for September 2023 indicated that the Australian small- to medium-sized enterprise (SME) sector stood as one of the least prepared sectors when it came to defending against cyber threats.

The research analysed to what extent do businesses conduct training around cyber security and scams and found that SMEs scored an average 3.6 points out of 10, with only 15 per cent of SMEs overall stating they conducted extensive training around cyber security, while four in 10 did not do “much training at all”.

Further findings revealed that training rated low in most states ranging from 3.8 points in Western Australia to 3.3 points in South Australia, while Tasmania scored higher with 5.6 points but from a smaller sample size.


Training was found to be the highest among the finance and insurance sector, scoring 6.6 points, with over 40 per cent of firms conducting extensive training.

National cyber security coordinator Air Marshal Darren Goldie recently sat down with NAB chief security officer Sandro Bucchianeri to discuss cyber security issues for Cyber Security Awareness Month.

Mr Goldie stated the pressing need for more cyber education and awareness among the community (SMEs in particular) was “one of the biggest red flags in Australia’s defensive capabilities”.

“The growing threat of cyber crime is really pointed towards the top end of SMEs who are more at risk but are battling competing priorities with fewer resources,” Mr Goldie said.

“The cyber criminals we’re up against are global transnational gangs, that aren’t concerned by geographical borders or legal jurisdictions.

“They target households, governments, businesses and the most vulnerable communities, and that’s what I am most concerned with.

“They are small enough not to have full time cyber security teams and generally don’t have the resources for a 24/7 threat response partner.

“Unfortunately, these are the targets that cyber criminals can attack easily and demand a ransom.”

Aussies becoming ‘more scam aware’

Along with the research released by NAB, data from the Commonwealth Bank of Australia (CBA) recently found that Australians are becoming more scam aware, with 73 per cent of respondents stating they have become more concerned with scams over the past year.

The figure was a 16 percentage point increase on the same statistic 12 months earlier, when almost three in five Australians said they had become more concerned about scams over the last 12 months.

The increased awareness was attributed to anti-scam initiatives and awareness campaigns conducted by both financial institutions and government organisations.

Prevention is better than cure

Speaking to The Adviser, director of cyber security company DotSec, Dr Tim Redhead, revealed that bouncing back from a cyber attack can prove to be costly, with prevention often being better than finding a cure.

According to Dr Redhead: “Getting into the position where you have to decide whether or not you’re going to pay a ransom or take action means it is already too late. The horse has bolted. You want to avoid this happening in the first place.”

If you’d like to find out more about DotSec and Dr Tim Redhead, tune in to Momentum Media’s brand Cyber Daily to watch an exclusive with Dr Redhead and Cyber Daily managing editor Liam Garman here.

[RELATED: The true cost of a data breach]

nab   ta


You need to be a member to post comments. Become a member for free today!
Read the latest issue of The Adviser magazine!
The Adviser is the number one magazine for Australia's finance and mortgage brokers. The publications delivers news, analysis, business intelligence, sales and marketing strategies, research and key target reports to an audience of professional mortgage and finance brokers
Read more