“Employees are the first line of defence against cyber threats - properly trained employees can detect suspicious activity and protect your data.”
We’re launching a series interviewing businesses across the world about cyber security; discussing internal practices, concerns, and stories. We’re exploring companies of all sizes across a breadth of industries to see how cyber security affects them - and the lessons we can learn from their stories.
EMUCoupon is the first in the series - a company assisting eCommerce merchants in reaching new audiences and running sales promotions. The business launched in Australia and now also operates across the USA, Canada, and Europe.
What are the biggest cyber security challenges to your business?
We operate in the eCommerce industry, which poses the threat of e-skimming attacks. E-skimming is the practice of hackers gaining access to online stores by injecting malicious skimming code into payment processing segments of the website - extracting data. These attacks are often launched in order to steal customer information and have multiplied in recent years - especially for small businesses.
Will you be increasing cyber security investment next year?
Yes - I don't think business owners have a choice. By amping up our online security we can leverage new tools and hack tactics for protection. We are essentially sitting ducks if not. As a small business owner, I am still learning the world of cyber security myself; creating best practices and security policies for my employees along the way.
Employees are the first line of defence against cyber threats, detecting suspicious activity such as phishing emails. Having an appropriately trained team can save an exponential amount of revenue and customer trust. The onus is on business leaders to equip their staff with relevant training and skills so they can shield the business from cyber criminals.
How do you train your workforce in cyber best practices?
We are currently driving the movement in cyber security, so upskilling our teams is a top priority. I plan to start with cyber security awareness and phishing training - to combat the most significant worries head-on. Whilst some of my team have alerted to suspicious activity in the past, I am not willing to take the risk assuming the whole team can detect threats. Beyond this initial training, my goal is to create security culture within the company, and give my team an open environment to proactively learn about and act upon cyber threats.
What advice would you give to other businesses looking to invest in cyber security?
Don’t wait - the longer you wait, the more you are exposed to online threats. Like many other small business owners, I am increasingly aware just how exposed my business is to attacks of many forms. There is understandably an element of luck in not being the target of cyber criminals yet, but to avoid damaging future breaches processes absolutely have to be enacted.
Thank you to Elice Max for your input.