Info & Advice

Nothing throws your day off like a frozen screen or a sluggish computer. If you run a small business, you’ve probably dealt with outdated tech more than once. Sure, squeezing extra life out of old equipment feels economical, but it often costs more in the long run.

So, in recent times we’ve seen airline Qantas falling victim to a cyberattack which hit a third-party contact centre platform potentially exposing personal details of up to 6 million customers. On the NZ side of the ditch, New World took an arrow to the knee with a password spraying attack.

The landscape of remote work has transformed dramatically over the past several years. What began as a reactive shift to keep operations going during a major global disruption has now solidified into a permanent mode of working for many organisations, especially small businesses.

On Friday, 30th June 2025, Qantas confirmed a cyber incident affecting one of its offshore third-party contact centres. Approximately six million customer records were accessed, exposing personal information including names, contact details (email and phone number), Date of Birth and frequent flyer numbers. No financial or authentication credentials (such as passwords or card data) were determined to be accessed at this time.

What would happen if your business lost all its data tomorrow? Would you be able to recover, or would it grind your operations to a halt? Every small business runs on data, which includes customer information, financial records, communications, product files, and more. Yet data security often falls to the bottom of the to-do list.

Those who’ve tracked my ramblings over the years will note a measure of (shock, horror) cynicism in the FUD seemingly churned out as a byproduct of the infosec industry. And here we are again;

Over the past few years, we’ve become experts in digital efficiency. We join calls from home offices, cars, cafes. We screen-share, voice-chat, and message in real-time. Work, it seems, has never been more connected. But in a business context the more digitally connected we become, the greater the potential for human disconnection.

From the wonderfully complex defining most of infosec, we swiftly move to the wonderfully simple. Better a safeword, than a sorry one.

The cybersecurity industry is more crowded than ever- especially in managed services. endless vendors, countless products, and new buzzwords appearing faster than you can say “zero trust.” Businesses are left facing so many options that choosing the right one becomes nearly impossible.

Personal data protection is more important than ever in this digital world. The dark web is a secret part of the internet that is very dangerous because it is often used for illegal things like selling personal information.

Every morning, I stand before my coffee machine, a humble supplicant seeking caffeine. Sound familiar? Probably because you find yourself in much the same position (though in your home, not mine). But the coffee machine is wiser than it appears: It doesn’t care that I’ve spent years navigating the wilds of cybersecurity while exploring select espressos from Brazil and beyond.

A throwaway joke got me thinking recently. Any system that appears secure might just be that way because it hasn’t yet been compromised. And as we say in this game, there’s only two types of companies out there, those that have been breached and those that don’t know they’ve been breached.