Protecting your organisation from the impacts of security incidents, data breaches and cybercrime is now a must-do for every organisation, irrespective of staffing, services or revenue. Along with the increased use and benefits of digital technologies is the necessity to appropriately secure them and the information they hold.
Cyber security protection should be considered for:
- Anywhere information is stored, such as:
- End-user devices, such as PCs, laptops, phones and tablets
- Your email system(s)
- File sharing services, including file servers and Cloud storage
- Systems and apps, such as client & case management systems
- Physical copies of sensitive information
- Any device that transmits information, such as firewalls, routers and switches.
The impact of cybersecurity incidents on organisations ranges from operational disruption to bearing costs of legal penalties to reputational damage.
It is key to understand what information needs protection in your organisation. Note that Australia’s Health Records and Privacy laws require that you secure all your health and personal information.
Why the fuss?
In its 2023 Cyber Threat report, the Australian Signals Directorate noted: “Cybercriminals constantly evolved their operations against Australian organisations, fuelled by a global industry of access brokers and extortionists Business email compromise remained a key vector to conduct cybercrime. Ransomware also remained a highly destructive cybercrime type... Significant data breaches resulted in millions of Australians having their information stolen and leaked on the dark web.”
Australia’s Digital Trust Report 2020 indicates that cyber security enables digital trust, allowing people to have confidence that technology incorporates the elements of security and privacy. Building cybersecurity practices into your organisation will boost the confidence of your clients and build organisational resilience.
The Office of the Australian Information Commissioner received 1,012 notifications of data breaches in the period July 2023 - June 2024. Here are some key findings from the recent Notifiable Data Breaches Report: January to June 2024:
- Malicious or criminal attacks remain the leading source of data breaches
- Human error is also a significant source of data breaches
- The health sector remains the highest reporting industry sector
- Contact information remains the most common type of personal information involved in data breaches, followed by identity information
What should you do?
The good news is you don’t have to do everything at once. Our guides can help you draw up a road map towards effective organisational cyber security.
Recovering from a data breach can take weeks or months of effort, damage your reputation and impact revenue. Ensuring you have critical cyber security protections in place will go a long way towards protecting your sensitive organisational information. Refer to our guide on Cyber security essentials.
Learn more
The following guides provide some background and an overview of cyber security issues and challenges:
- Useful cyber security resources
- An overview of cyber security capability levels
- Privacy guidelines for not-for-profits.
Status message
Thanks for rating this guide.