Protecting your organisation from the impacts of security incidents, data breaches and cybercrime is now a must-do for every organisation, irrespective of staffing, services or revenue. Along with the increased use and benefits of digital technologies is the necessity to appropriately secure them and the information they hold.
Cyber security protection should be considered for:
- Anywhere information is stored, such as:
- End-user devices, such as PCs, laptops, phones and tablets
- Your email system(s)
- File sharing services, including file servers and Cloud storage
- Systems and apps, such as client & case management systems
- Physical copies of sensitive information
- Any device that transmits information, such as firewalls, routers and switches.
The impact of cybersecurity incidents on organisations ranges from operational disruption to bearing costs of legal penalties to reputational damage.
It is key to understand what information needs protection in your organisation. Note that Australia’s Health Records and Privacy laws require that you secure all your health and personal information.
Why the fuss?
In a 2020 report, the Australian Cyber Security Centre states: “Cyber crime is one of the most pervasive threats facing Australia, and the most significant threat in terms of overall volume and impact to individuals and businesses.”
Australia’s Digital Trust Report 2020 indicates that cyber security enables digital trust, allowing people to have confidence that technology incorporates the elements of security and privacy. Building cybersecurity practices into your organisation will boost the confidence of your clients and build organisational resilience.
The Office of the Australian Information Commissioner received 976 notifications of data breaches in the period July 2020 - June 2021. Here are some key findings from the recent January - June 2021 Notifiable Data Breaches Report:
- Malicious or criminal attacks remain the leading source of data breaches
- Other sources of data breaches are human error and system faults
- The health sector remains the highest reporting industry sector
- Contact information remains the most common type of personal information involved in data breaches
What should you do?
The good news is you don’t have to do everything at once. Our guides can help you draw up a road map towards effective organisational cyber security.
Recovering from a data breach can take weeks or months of effort, damage your reputation and impact revenue. Ensuring you have critical cyber security protections in place will go a long way towards protecting your sensitive organisational information. Refer to our guide on Cyber security essentials.
The following guides provide some background and an overview of cyber security issues and challenges:
- Useful cyber security resources
- An overview of cyber security capability levels
- Privacy guidelines for not-for-profits.