Staying strong in the cyber world

Did you know that 71% of cyber attacks target businesses with less than 100 people? That got you thinking didn't it? But it's not just about having the right technologies in place to prevent this, it's about knowing what your valuable assets are and protecting those. An Associate Director In our Risk Advisory team, Kevin Kanji, explains. 

When large corporations or governments are attacked by hackers, we see the headlines rush around the world followed by intense speculation about the source of the attack. What can often be missed is that 71% of attacks actually target organisations of less than 100 people.

While the majority of attacks don’t usually result in millions of dollars of losses, small businesses are far less equipped to deal with the fallout. The average cost of a breach is now at $45,000 when taking into consideration loss, technical fixes and reputation damage.

Preparation for managing cyber risk is not all about technology. It can be described as three states.

Be Secure

Know your information. You must understand what your valuable assets are, whether that be customer data, a secret recipe, or payments information. Focus on protecting this, rather than trying to protect everything with a silver bullet solution. Separate your personal accounts from your company ones and don’t reuse passwords or account names between them.

Be Vigilant

Know your threats. You must be on the lookout for signs that all is not well. Learn to recognise phishing emails, attempts at social engineering and suspicious activity on your computer or systems. Use multi-factor authentication wherever available and follow up on alerts that you receive on unexpected behaviour, such as logins from unknown computers.

Be Resilient

Know how to recover. You must prepare to repair the damage and recover to normal in the event of an attack by using backups, secondary systems or workarounds that minimise the time that you are offline. Use resources such as Connect Smart ( to prepare for the risks.

By taking this approach, you will be better equipped to deal with the evolving threats that exist in the online space that provide so much benefit and opportunity for New Zealand companies to offer goods and services to a global marketplace.

Online, New Zealand is not geographically distant – it is milliseconds away from every other computer connected to the internet. Understand your risks and grow to be secure, vigilant and resilient.

If you'd like to learn more, contact Kevin to make make sure your business is 'cyber risk aware'.

Your total Risk Health Check

Now that you know how to protect your most important assets, it's time to cover off the whole package by looking at how well your business does with health and safety and fraud. Our experts are on hand to help you navigate this space!


Kevin believes in collaboration, the sharing and networking of ideas, and the social interaction of people to achieve great things. By providing bespoke and practical advice to people on information security and managing technology risks, he instals confidence in his clients. He works hard to find a way through to the “yes”, through encouragement of a declarative security approach.