
Cyber Security
Keeping your information safe with thorough information security & device management systems and processes
Basic Capability
We are in the early stages of developing our capability and have improvements to make. We likely:
- Aim to keep data secure but have limited formal controls covering people, processes and technology
- Have firewall and antivirus protection, but it isn’t centrally managed or monitored
- Have few IT security policies.
Intermediate Capability
We have the fundamentals under control to protect our information, but further improvements are possible. We likely:
- Have implemented most of the ACSC’s Essential 8 security protections
- Educate staff about where information should be stored based on what type of data it is – sensitive, confidential, public etc
- Securely encrypt and password-protect all devices that store sensitive information (such as client data)
- Centrally manage and monitor network firewalls
- Have approved security policies that staff understand and follow.
Advanced Capability
Our security protections work very well, deliver value and support us to achieve our mission. We likely:
- Have been independently assessed and confirmed as compliant against an information security standard
- Have a system that collects and analyses security information from all devices and accounts, identifying risks and appropriate actions
- Regularly reinforce security education so that staff consider security a key responsibility
- Undertake compliance testing to identify issues assess their risk and prioritise appropriate remedial action.
How ready are you?
Spend a few minutes to know how ready your organisation is to move to the cloud. This will help you understand what materials below will be on most valuable as you chart your own path to digital transformation.
Need More Expertise?
We have experts who can give you more tailored advice. Book now for a 30-min session to get key questions answered.

Lessons learnt in cyber security
How one organisation became a victim of a sophisticated cyber-crime. Hear their lessons learnt to make sure you are not next.
Basic
()
Cyber Security Essentials
Cyber security can seem daunting; but if you think of it as risk management rather than risk elimination there are some effective first steps that can greatly reduce your exposure to breaches.
The current cyber security threat landscape
A look at recent trends in the cyber security landscape reveals that the pandemic has exacerbated threats to organisations – and not-for-profits are not immune either. The cyber security landscape is constantly evolving, but some things never change.
Privacy as the foundation of trust
Not-for-profits provide services to and assist those who are sometimes the most vulnerable members of our society and as such, have a profound duty of care to protect their information.
Making the internet a safe place for all
As part of a global initiative, held in February each year, Safer Internet Day calls on us all to do our part in upholding the safety of the online environment.
Cyber security: What it is and why it matters
The basics on why it's so important to protect your organisation's information.
Why cyber security is so important
An overview of why cyber security protection is a must for every organisation.
Educating staff about cyber security
Staff education is an essential part of cyber security. Take a look at our list of key staff education topics, aspects of cyber security policy and email protocols for your organisation.
Cyber security training
Investigate our training offerings to help improve the security of IT within your organisation.Intermediate
()
Information Security policy for not-for-profits
To define and formally document your cyber security practices and processes, you can download and customise this template for your not-for-profit.
Achieving intermediate cyber security
How to plan for and implement a road map to intermediate-level protection from cyber attacks.
Best-practice cyber security governance
An overview of how to incorporate cyber security policies and governance into your organisational processes.
Privacy guidelines for not-for-profits
Download these privacy guidelines for detailed advice on how to protect your organisation's data.
DIY end user security policy
Download a high quality end user security policy template that you can adapt to your organisation's needs.Advanced
()
Achieving advanced cyber security
How to plan for and implement a road map to advanced-level protection from cyber attacks.