Diamond IT Blog

How to Protect your Business from Cyber Threats

Written by Samantha Cordell | January 4, 2022

In the last two years, Australian businesses have been faced with a seemingly relentless wave of challenges brought on by the pandemic and its ‘unprecedented times’. While staff shortages, lost income and remote working have impacted daily operations, cyber-attacks remain one of the largest and most damaging threats to a business.

According to the 2021 Australian Cyber Security Centre (ACSC) Annual Threat Report, over 67,500 reports of cybercrime were received in the 2020–21 financial year alone, and the number of reports is expected to increase this year.

With major threats such as ransomware, phishing attacks, and business email compromise continuing to escalate and become more complex in nature, we urge business leaders to start this year on the front foot and ensure their cyber security strategy includes these three simple considerations.

 

Start with the Essential Eight

The Essential Eight is a "series of baseline mitigation strategies" recommended to organisations by the ACSC. The ACSC recognises that no single mitigation strategy can prevent an attack; the Essential Eight serve as a baseline guide that businesses can implement to make it harder for cyber criminals to breach their network and systems.

Broken down into three subcategories, the Essential Eight Strategies to Mitigate Cyber Security Incidents includes:

Mitigation strategies to prevent malware delivery and execution

  1. Application Whitelisting
  2. Patch Applications
  3. Configure Microsoft Office Macro Settings
  4. User Application Hardening

Mitigation strategies to limit the extent of cybersecurity incidents

  1. Restrict Administrative Privileges
  2. Patch Operating Systems
  3. Multi-Factor Authentication

Mitigation strategies to recover data and system availability

  1. Daily backups - Ensure that a secondary copy of all of your business data is stored separately and securely, so that it can easily be accessed and restored following a cyber attack.

The ACSC exists to "help make Australia the most secure place to connect online" and provides advice and information about how to protect your business. If you are unsure where to start to ensure your cyber security strategy for this year is fit-for-purpose, the ACSC's website is a great place to start.

 

Know better, in order to do better

Cyber Security Awareness Training raises your employees' knowledge and vigilance on how to identify potential cyber-attacks and gives them the skills they need to safely take the appropriate action if they do fall victim to a malicious threat.

Reputable Cyber Security Awareness Training courses educate employees about cyber threats and attacks they may be subjected to every day. Ongoing training helps your employees navigate through the minefield that is cyber and data security and ensures they have the tools and experience to keep your organisation’s systems and data safe.

In addition to training, cybersecurity policies and procedures are one of the most critical tools in educating and setting expectations with your employees.

Policies that cover the acceptable use of IT systems, how to safely handle sensitive data, and what staff can and cannot do all form part of this risk reduction activity.

If your organisation does not provide cyber security awareness training or strict IT policies and procedures, we strongly recommend working with a trusted technology provider to ensure you are not leaving the front door open to cybercriminals. 


Sophisticated attacks call for sophisticated defences

The days of a strong password and an anti-virus protecting your systems are sadly long gone. The cyber-attacks we are seeing from criminals based around the world are more sophisticated than ever before, and as such, the solutions required to protect against them have had to rise to the task.

Modern protection solutions use artificial intelligence and high-performance intrusion prevention to identify and block known and emerging threats, while routine patching and multi-factor authentication ensure malicious threats are unable to slip through the cracks of your software or employees.

Coupled with the strategies provided by the Essential Eight, we recommend that all businesses speak with their technology provider to ensure that their cyber security defences include the following modern protection solutions:

 

How Diamond IT can help

The Diamond IT team specialise in reviewing cyber security strategies to ensure they are fit-for-purpose, align with government recommendations, and include the necessary defences required to best protect your business from malicious threats. 

Our Business Technology Managers (BTMs) and Business Technology Consulting team are specialists in improving your internal cybersecurity and are ready to speak with you. Contact our team on 1300 307 907 today.