There’s no downtime for cyber criminals, who are always on the look out for there next digital victim. No small business is immune unfortunately, which is why it is important to understand the basics of cyber security and what your business needs to consider doing to protect itself from an attack.  

With more and more businesses communicating digitally, things like emails and phone messages become prime opportunities for spammers to create havoc by accessing personal information in the click of a button. These are everyday activities that businesses undertake, but with a little preparation and awareness your business can be cyber savvy. 

Understand scams 

Things like personal and business information (names, tax file numbers, bank details, etc.) are often requested by trusted agencies like the Inland Revenue Department (IRD) and finance professionals.  

The way scammers are getting their hands on these valuable details is by creating look-a-like emails and impersonating official representative phone calls and text messages. Here are some tell-tale signs that something may be a scam: 

  • Government agencies will never call you to ask for your bank account or credit card details 
  • Be careful of any emails that you may receive that are not addressed to you directly 
  • If an email contains links or attachments be careful opening these as they may contain malware 
  • View the email address that the email came from 

These are some of the common types of scams that often target small businesses: 

Phishing emails: These can be emails that pretend to be from a trusted authority like the IRD or a financial institution. They will often request that a form to be completed or a link to be followed, which enables them to infect the device with a virus or malware. 

GST/Tax scams: Scammers may contact you advising that you have overpaid your GST/tax and that you are legible to receive a refund. They may also proceed to ask for your financial details and request you pay an admin fee via electronic transfer. 

Another type of scam will advise that you have underpaid your GST/tax and that you need repay the debt, requesting that you purchase a pre-paid debit card which they request the details of to access the money. 

Have strong IT systems in place 

Many small businesses are commonly seen as soft targets because they hold valuable data. Things like client and supplier information (including financial details) intellectual property and sensitive business data are often all stored electronically.  

This is where investing in a robust IT system might be important. If you don’t have the resources to do your own IT, consider looking at hiring the help of a professional IT consultant or company. These are some of the areas small businesses might want to think about when it comes to IT security: 

  • Having an IT policy in place 
  • Monitoring and controlling who has access to information 
  • Implementing a security policy 
  • Making sure all systems have the appropriate virus protection software installed 
  • Protecting wi-fi passwords and who has access to them 
  • Using two-factor authorisation to add an extra layer of security 

Preventative measures 

In addition to having an adequate IT system and processes there are some other measuressmall businesses can take to help minimise the risk of being the victim of a cyber-attack: 

  • Educate staff on the correct and safe IT procedures 
  • Upskill yourself and your team on recognizing the signs of cyber attacks and what to do if they encounter one 
  • Make sure data is regularly backed up 

Staying up to date with any potential scams and attacks is another way to stay on top of the  cyber security game. Government resources like the National Cyber Security Centre provide advice and details on cyber security tips and information on what to do if you do spot a cybercrime.  

Protect your business with Cyber Liability insurance* 

One step that you can take to help safeguard your business is by considering Cyber Liability insurance. Cyber liability insurance is a type of business insurance product which protects your business against both the legal costs and expenses (including compensation payments) related to cybercrime incidents. Your coverage may generally include cover for expenses and legal costs relating to the following: 

• Data breaches 

• Theft or loss of client information 

• Business interruption costs 

• Forensic investigation 

• Data recovery 

• Extortion 

• Fines and penalties 

• Crisis management costs (to restore your businesses reputation after an attack or data breach) 

• Legal costs from any ensuing civil action taken against you or your company 

Getting your business insurance sorted has never been easier. With Public Liability Insurance, we provide a hassle-free online insurance experience providing multiple quotes from some of New Zealand’s leading insurers, so you can compare and save on your policy in minutes.   

* This information is a general guide only and does not take into account your objectives, financial situation or needs.  As with any insurance, cover will be subject to the terms, conditions and exclusions contained in the policy wording. The information contained on this web page is general only and should not be relied upon as advice. 

Public Liability Insurance is a trading name of BizCover Limited.  BizCover Limited is owned by BizCover Pty Ltd (ABN 68 127 707 975).