INTHEBLACK February 2025 - Magazine - Page 40
P O D C AS T
WITH INTEREST PODCAST
SUBSCRIBE
The With Interest podcast features economic updates and developments
for the business world. Here are some highlights from a recent episode.
to the podcast
ESSENTIAL CYBER SECURITY
INSIGHTS FOR SMALL BUSINESS
With more than two decades of experience in the fields of public practice
accounting, cybersecurity and digital forensics, Tyler Wise shares his
thoughts on cybersecurity challenges and best practices. Wise is a member
of CPA Australia’s Digital Transformation Centre of Excellence.
TRAINING AND GOVERNANCE
PASSWORDS AND USERNAMES
“It’s difficult for [people] to distinguish
between the reality and some of those
big attacks. They are entertaining and
sophisticated, but what we see on the
smaller spectrum is just simple social
engineering. Phishing and ransomware
are still prevalent, which can be easily
circumvented with education, training
and governance solutions.”
“Just some simple hygiene to make sure
that we’re updating the username and
passwords to something unique, long and
complex is what we say a password should
be. We don’t want to be stopping people
from deploying technology and driving
business efficiencies — we just want them
to take a couple of minutes longer and
add some security safeguards.”
NETWORK CHECKS AND SMALL STEPS
SPEAK UP
“[Companies are] failing to undertake
environmental scans of what they’ve got.
Not necessarily of the larger environment,
but of their own network. Thinking that
the vulnerabilities might exist strictly in
computers, laptops and workstations — when
we see that printers are still a risk, modems
are a risk and bring-your-own devices are
a significant risk.
“We try and get them to understand that and
take some small steps. Cybersecurity isn’t a
journey that’s going to be finished overnight,
so we encourage them to use some of the free
resources that are out there, and familiarising
themselves with the Essential Eight is a really
good place to start.”
“Social engineering is still the way attacks
are most commonly commenced, unless
you’re a specific target. A person of high
wealth or high interest might suffer an
attack without them knowing it.
“But when we think about smaller
businesses and everyday people, they’re
often receiving something that they’re
engaging with that causes them to have
that ‘oh no’ moment. You click on an email
you wish you hadn’t, then some people
put their head in the sand and pretend it
didn’t happen because of the stigma that
goes with the responsibility of saying,
‘I caused a cybersecurity incident.’ We all
make mistakes.”
40 INTHEBLACK February 2025
TYLER WISE, CYBERWISE
LISTEN
to the full
podcast episode
