With scam-related cyberattacks on the rise, Australian IT advisor Amit Singh is encouraging small businesses to take a more structured, practical approach to protecting their people and systems.
Singh, founder of evince Consulting, advises organisations across Australia on IT strategy, cybersecurity, and digital transformation. While his clients range in size and sector, he says scam prevention is a universal priority that too often gets overlooked.
“Most businesses don’t fall victim to scams because they lack tools or budget – they fall victim because no one owns the problem and there’s no simple, shared plan,” Singh said.
To help address this, Singh shares what he calls the “Three T’s of Cyber Maturity” – a practical framework designed to strengthen everyday scam defences:
- Tools – Use fit-for-purpose cybersecurity tools – from threat detection and response platforms to built-in protections like multi-factor authentication and email filtering – and ensure they’re properly configured to actually reduce risk.
- Tone – Establish a culture where employees feel confident to question suspicious requests, even from leadership.
- Training – Run short, scenario-based sessions to help teams recognise tactics like invoice fraud, urgent requests, or spoofed email domains.
“These are simple, high-impact actions that reduce your risk dramatically,” Singh said. “We use these same practices in our own business, and we see them work in businesses of all shapes and sizes.”
The Australian Competition and Consumer Commission (ACCC) reported small businesses lost over $13.7 million to scams in 2023 – a figure expected to rise as attacks become more sophisticated.
Why Cyber Education is Everyone’s Business
Singh believes awareness and education are the best investments businesses can make – especially for those without dedicated IT teams.
“Cybersecurity is no longer a ‘tech issue’. It’s a leadership issue,” he said. “When staff are trained to pause, spot red flags, and ask questions, they become the best line of defence.”
He’s now advocating for more accessible, community-based cyber education – including digital literacy workshops for business operators and team-based training for frontline staff.
“Education builds confidence. It removes the uncertainty and helps people make smarter decisions under pressure,” Singh said. “That’s what modern resilience looks like.”
Amit Singh cautions that scams remain one of the most damaging risks for smaller organisations – not just financially, but reputationally. Without a strong, simple strategy in place, even the best-run businesses remain exposed.
