Why cash flow problems are one of the biggest cybersecurity risks for small businesses
Picture: Octet - Supplied
Article Excerpt:
Cyber attacks are increasing – and small businesses are in the firing line. When a cyber criminal strikes, there’s more than compromised data at stake. For many businesses, a successful cyberattack can rapidly evolve into a cash flow crisis.
Cybercrime is now estimated to cost Australian small businesses $300 million annually. It’s no wonder then, that cyber incidents – including ransomware, data breaches and IT outages – were ranked the number one global business risk in the Allianz Risk Barometer.
Evan Vougdis, our Head of Cyber Intelligence and Cyber Response & Recovery provided insights in this article:
“Small businesses are often prime targets for cybercriminals due to their limited resources and expertise in what is deemed ‘best practice’ with regards to cyber security,” says Evan Vougdis, Head of Cyber Intelligence and Cyber Response & Recovery at NSB Cyber.
Why SMEs are more vulnerable to cyber attacks
SMEs are consistently among the most targeted – and least prepared – for cybercrime.
“Unlike larger organisations, small businesses typically lack dedicated IT security teams, advanced tools, or comprehensive defences, making them easier to breach,” says Evan.
What are the most common cyber threats facing small businesses?
The most common cyber security risks for small businesses? Email compromise (20%); business email compromise fraud – where the email compromise includes a direct financial loss – (13%); and online banking fraud (13%), according to the ACSC.
“Cybercriminals are increasingly using supply chain attacks to exploit financially unstable businesses as weak links,” says Evan. “IT providers are prime targets, especially during downturns when security investments lag, enabling widespread downstream breaches.”
Despite this, nearly three-quarters of small businesses lack enhanced cybersecurity measures. Many still don’t have basic protections against phishing, ransomware, or invoice fraud.
“Financial instability plays a critical role by forcing businesses to cut costs, often prioritising short-term survival over cybersecurity,” says Evan. “But this creates a dangerous cycle – weaker defences heighten the risk of attacks, which in turn worsen financial strain.”
The financial fallout from a cyberattack
A cyberattack can quickly escalate into a cash flow crisis, with businesses facing immediate expenses and delayed revenue at the same time.
“While ransom payments or data recovery are often highlighted, subtler financial impacts are frequently overlooked,” says Evan. “Insurers may increase premiums or deny coverage if vulnerabilities were missed – leaving businesses exposed to legal, forensic or third-party costs that exceed policy limits.”
Source: Octet - Tuesday 5th August 2025
Author: Russell Walsh, Octet
Reference: Why cash flow problems are one of the biggest cybersecurity risks for small businesses
To explore NSB Cyber’s Threat Intelligence services, including ransomware response and negotiation, head here.