CICA, Features

Cyber Attacks; a threat to the crane industry operators big and small

cyber attack

Rutland Smith, Director of Harvey Norman Technology For Business (HNTFB) spoke at The Crane Industry Council of Australia’s (CICA) National Conference and Exhibition. From the feedback he received, it is apparent that Cyber Attacks are viewed as a genuine threat to the crane industry.

“I was grateful for the opportunity to present during CICA’s National Conference and Exhibition and from the feedback I received, Cyber Attacks do pose a genuine risk to the crane industry. This doesn’t surprise me as the criminals behind these attacks do not discriminate, they carefully plan their deception and implement their attacks with precision with any industry seen as fair game.

Cyber Criminals pose a very real risk to your business

“The subject of Cyber Security was even raised during the Crane Owners panel and the CEO of a national crane hire business shared how his business was only just getting back to normal following an attack five years ago,” said Rutland.

“During the conversations I had with crane businesses, there were many misconceptions about how vulnerable businesses are to Cyber Attacks. A lot of small business owners make the assumption that big businesses are at risk and their business is too small to be a target. The reality is it’s the other way around. Cyber criminals tend to focus on smaller businesses, and that’s because they are more vulnerable and have much lower defenses.

“We know from the Australian Cyber Security Centre (ACSC) statistics that 43 per cent of attacks in Australia actually happen to small businesses. So the first thing I’d say is the assumption that ‘I’m too small to be attacked’ is actually incorrect. The second thing I’d say is small businesses have the most to lose,” said Rutland.

Every industry is a target but criminals target different industries for different reasons, he added. The crane industry is particularly appealing to cyber criminals for fake invoice scams because of the larger size of the amounts transacted between crane businesses and their customers. The crane industry is also targeted for ransomware attacks because of the enormous costs associated with the business being unable to operate for days or even weeks.

The average cost of an attack on a small business in Australia is a little over $46,000, according to the ACSC. These costs can be crippling to a business and may even result in the business closing down.

Legal compliance is not optional

In addition to the financial risks associated with cyber security, many crane operators will need to make themselves compliant with government guidelines for legal reasons and because larger projects will exclude non compliant businesses from their tenders.

Rutland explains the risks to small and medium sized crane businesses involved in government work such as Tier One projects. 

“The issue to be aware of is that most large government departments, and certainly most large corporations, are now insisting that you have a certain level of cybersecurity before they’ll allow you to tender for their business. If you don’t meet the requirements, you won’t be allowed to tender or quote for the business. You’ll simply be prevented from even participating.”

The Federal Government’s Australian Cyber Security Centre has published a cybersecurity risk mitigation framework called the Essential Eight. 

In many ways, the framework has the same function as Occupational Health and Safety Guidelines, but instead of physical security, this is about cybersecurity. Rutland explains more.

“Under the findings of the courts, all businesses have a duty of care to protect their customer data, and the measurement for whether or not that duty has been discharged is whether or not the business has made the appropriate effort to implement the recommendations of the Essential Eight. The Essential Eight framework is complicated and it’s not something that you can implement by yourself, you need someone like us help you,” he said.

How can Harvey Norman help

Rutland explains how complicated cybersecurity can be for small to medium sized businesses and how HNTFB simplifies the process.

“One of the challenges for all businesses is to meet the standard of the courts. They have to implement the ‘Essential Eight’. That’s an incredibly complicated framework to implement, and almost no small business, that I’m aware of, is capable of implementing that by themselves.

“By getting HNTFB on board as their IT department, we are able to provide a small business with all the support that they need and ensure they are compliant with the government framework” said Rutland. 

HNTFB recently partnered with The Crane Industry Council of Australia (CICA) with the aim of offering members solutions to the increasing threat from cyberattacks. Rutland explains how HNTFB can help a crane hire business in practical terms.

“We are fortunate that we’ve entered into this relationship with CICA and we’ve created a landing page that’s been created specifically for CICA members.

“From this page, members are able to make contact with our team. They’re also able to see the special offers that are available to CICA members only, and they’re also able to learn more about cybersecurity by reading the ‘tips and tricks’ on the page. 

“We are asking owners of small to medium sized businesses to imagine how much more you can achieve with Harvey Norman as your IT department? We are just like a really large IT department for a big company. But we don’t just provide IT support and services, we also provide our customers with advice on what they should be doing with their IT moving forward,” he said,

Working with CICA and its members is exciting for Rutland and his team at HNTFB.

“We’re really pleased that CICA has approached us for this partnership, it is great that they’re taking the initiative in trying to protect their members from cyberattacks. We are keen to show CICA and its members what we are capable of and, as a show of goodwill, we are offering to provide an ‘Essential Eight Business Assessment’ free of charge. This normally retails for $499.

“There is nothing to be lost by having HNTFB conduct this assessment. We will provide members with an independent view that confirms everything is dandy and there is nothing to worry about, or we will provide you with a list of things that are missing and recommendations on how you can fix it. You don’t have to do that with us, you can go and do that with any provider you want,” said Rutland.

“With the various industry sectors we work in, there are always owners of small to medium sized businesses believing they are too small to be the subject of a cyberattack. We are here to tell you these criminals do not discriminate, they are targeting vulnerable businesses no matter the size, and as I’ve said, many businesses simply don’t recover from an attack. So, we are asking CICA members to take the FREE ‘Essential Eight Assessment’ and ask, ‘can you afford not to?’” finished Rutland. 

Visit the CICA members page at https://www.harveynormanbusiness.com.au/pages/cica to find out more about what Harvey Norman can offer.

Send this to a friend