banjo-logo

Business lending

Business lending

Simple, swift working capital and asset finance to help growth-driven businesses to develop and succeed.

Banjo Express

Get fast access to funds with less paperwork

Flexi Working Capital Loans

Get up to 4 months interest expense only repayments with

Single Pay Loans

Get a bridging finance facility to release working capital

Working Capital Loans

Get cashflow funding options to help growth

Asset & Equipment Finance

Get a flexible asset loan to finance assets and business moving forward

Our partners

About us

Knowledge hub

Login

If you think cyber criminals wouldn’t bother to target Australian small businesses, you’d be quite wrong. Banjo explains the risks and what you can do about them. 

If your email server, locally stored data or personal information was hacked, it could be one of the most catastrophic things to happen to your business. 

The monetary, reputational and strategic cost doesn’t bear thinking about. And so that’s often exactly what happens - we don’t think about it. Instead, we spend a few dollars on a basic security package, and cross our fingers that we’ll be safe.

After all, why would a hacker or other criminal be interested in a small Aussie business – surely they’re too busy attacking the bigger global players?

That’s an all-too-common misconception, says Kevin Mangano, CIO of Vow Financial. 

“Having any kind of web presence (email server or website), means you’re almost certainly getting scanned hundreds of times a day by bots programmed by bad actors to look for vulnerabilities.”

The Australian Cyber Security Centre’s latest Annual Cyber Threat Report (2022) states that Australia is attractive to cyber criminals in part because per capita it’s a wealthy country. During the 2021–22 financial year, over 76,000 cybercrime reports were received, an increase of nearly 13 per cent from the previous financial year. That’s approximately one cybercrime report every 7 minutes, compared to one report every 8 minutes in 2020–21.

The Report also says that medium-sized businesses (defined by the Australian Bureau of Statistics as having between 20 and 199 employees) had the highest average loss where a financial loss occurred.

This is often because larger companies tend to have stronger security measures and be better resourced to protect themselves. 

Kevin says the second biggest mistake is to under-invest in cyber security by buying a cheap, inadequate package, or cutting corners to save money.

“It’s a false economy to use ‘free’ online tools like PDF converters, or to share passwords instead of buying extra licences. It’s a bit like ultra-cheap car insurance – you wouldn’t trust that, so why would you leave your data and IP open to significant risk?”

“Having any kind of web presence (email server or website), means you’re almost certainly getting scanned hundreds of times a day by bots programmed by bad actors to look for vulnerabilities.”

Good cyber security is often sacrificed earlier in the business lifecycle, perhaps during the Growth stage, when money may be tighter, or perceived as needed to build other areas of the business.   

“Where cyber security is concerned, hope is not a good strategy,” says Nirosh Weerasinghe, who runs Finance Circle Group brokers, plus an overseas business that outsources services to brokers in Australia. 

“Everyone uses the same four-letter word: busy. They believe they don’t have time to set up all sorts of security measures. But if they’re not properly protected, they’ll eventually get hacked, and will spend way more time rectifying it than they ever would have in setting up the right protections. Not to mention how much else they’ll lose,” says Nirosh. 

Nirosh also points out that businesses who collect personal data from customers must always be mindful of privacy.

“Australia has strict privacy laws, for good reason. Make sure you always get customers to sign the privacy form before they provide their ID or financials. Do not accept that sensitive information before you have the signed form from them. And never let them send it to you via email.”  

Julian Hedt, CTO of Banjo Loans says there are 4 key actions businesses can take:

  1. Never send or receive sensitive ID or financial details via email, as it’s the weakest link, security-wise. Instead, have customers or associates upload the data to your CRM or Google Drive, or collect ID face-to face. Have strong email filtering protection, for more than just spam, eg phishing filters and infected document identification.
  2. Always use two factor authentication (where 2 methods of identification are needed to verify identity, eg a password and a PIN sent to the user’s mobile).
  3. Use a major Cloud Services provider such as Google or Microsoft – who generally have the most robust systems with state-of-the-art technology - to share data or information.
  4. Make sure your staff are trained (preferably by a professional) in internet hygiene.

If you think ‘OK I need this, but how can I afford proper cyber security?’, sit down with your broker or accountant and work out how you can use working capital funding to protect your business. 

As a general rule of thumb $30-50 per month per employee should buy secure cloud storage from the likes of Google, Microsoft 365 or Dropbox, plus an anti-virus system for each computer used by staff. A training program by a cyber security consultant will be an additional cost, but will give peace of mind that the whole business is covered.

In cyber-security, you don’t know what you don’t know. Investing to secure your business can protect you from a world of pain.

Our commitment to you

bfo-logoafca-logo
* Disclaimer: Fees, lending criteria, terms and conditions apply (including an origination fee on each advance). Actual fixed fee (or interest expense) and repayments will vary based on your individual circumstances. Advertised rates are subject to change at any time. Fixed fee (or interest expense) accrues upfront and is paid in instalments. While Banjo does not generally take security over assets, director guarantees may be required and a general security deed or other security may be required for larger loans or in respect of some loan types. Statements regarding timing in relation to applications, approvals and funding are only indicative. Any advice given does not take into account your personal circumstances and you should carefully consider what products are appropriate for you and obtain professional advice where relevant.

Copyright © 2022 Banjo® Loans. Banjo® and Banjo Score® are registered trade marks used under licence by Banjo Loans. All loans are provided by FundIT Ltd ACN 601 130 527 in its capacity as trustee of the Banjo Small Business Loan Fund ABN 32 713 685 984 (AFSL 468033). All loans are subject to eligibility criteria and approval by Banjo. Upfront fee, terms and conditions apply.