3 Questions to help you get started with your businesses cyber security

Protecting your business from online threats might be on your business agenda. But where do you begin? We understand it can be overwhelming to think of ways to reduce your risk from a cyber attack. Which is why our team of experienced cyber security experts are here to help.  

Our experienced national cyber security team are world-class in keeping Australian businesses and their data secure. We’ll talk you through the best practices for keeping your business safe online, and how we can help you along the way. When you partner with us, you can trust that your business is protected by the best.  

1. Why do I need Cyber Security? 

Put simply, you need cyber security measures in place to protect your business and its data from online threats.  

Cyber security protects all categories of data from theft and damage, including sensitive data, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data and governmental and industry information systems. We know, that’s a lot of data. 

You may be wondering why it is important to keep all that data protected. And the short answer is, prevention is much cheaper than a cure. Data breaches cost the average business almost $6m – a cost that many growing businesses simply can’t afford to pay. And not only are data breaches expensive, but they also result in reputational damage, operational downtime, legal action, and loss of your customer’s data. Basically, lots of hassle your business and your customers could do without. 

To keep all that data safe (and avoid footing a $6m bill), you need to invest in cyber security you can trust. Spirit’s cyber security experts work with you to understand your systems and develop a robust solution using the essential cyber security strategies.  

2. What are the essential Cyber Security strategies? 

The Australian Cyber Security Centre (ACSC) receives one report of cyber crime every 10 minutes. And unfortunately, the majority of those reports come from growing businesses across Australia. As cyber crime becomes more prevalent and attacks more sophisticated, simple anti-virus software isn’t enough to keep your business and its data protected.  

That’s why ASCS recommends that businesses implement a prioritised list of strategies to mitigate cyber security incidents, called the Essential Eight.  

These measures help prevent malware delivery and execution, limit the extent of cyber incidents in your business, and provide guidance on what you should do to recover data.

Daily backup of important data  

Daily backups should be an integral part of your business’ Cyber Security strategy, and if they’re not, we suggest you start backing up your data now.  

If you’re new to the habit of backing up, there are several options on where and how you can store copies of your all-important business data. For example, you can back up using hardware, such as a hard drive, or using the cloud, such as Spirit’s LiveCloud, or even both!  

The best solution for your business will be unique to your needs, but we almost always recommend moving your data to the cloud for ease and affordability. The type of cloud you choose, whether it be public cloud, hybrid cloud or private cloud, depends on the needs of your business.  

Multi-factor authentication 

Businesses use Multi-factor authentication across the Internet. It is a simple electronic method that grants your staff user access to a website or application after two or more pieces of qualifying evidence have been provided to an authentication system. 

For example, when you log into your online banking, you may be asked for a password and a unique code that has been sent directly to your mobile phone.  

Two-factor authentication makes it harder for hackers to gain entry to your valuable business data and protects your business from a costly data breach!  

Patch operating systems 

Patches are operating system updates that address security vulnerabilities within (you guessed it!) your operating system. 

Software vendors periodically release updates to fix performance bugs and provide enhanced security fixtures that keep your operating system performing at its best.  

At Spirit, we work with best-of-breed vendors to ensure your business can enjoy protection from some of the very best cyber security features on the market.  

Restrict administrative privileges 

Administrative privileges are the ability to make major changes to a system. And we’re sure we don’t need to tell you why it’s wise not to give your marketing intern or your team of freelancers  administrative privileges. The more people who have these privileges, the greater your risk.  

Keep administrative privileges strictly for those who need them, such as yourself and trusted members of your IT team. This will reduce the risk of your business’ data falling into the wrong hands.  

User application hardening 

We’ll block browser risks with user application hardening. By restricting what certain programs are allowed to do, we can protect your business from a costly data breach without any impact to your daily business operations.  

Disable Untrusted Microsoft Office Macros 

In Microsoft Office, a macro is a series of commands and instructions that you group together as a single command to accomplish a task automatically. To save time on tasks we do regularly, many of us bundle the steps into a macro, improving our productivity as we complete daily tasks. That’s technology that we like.  

However, since macros are programs written in a programming language, they can be compromised by malware authors, just like any other program. That’s technology that we don’t like.  

Microsoft Office VBA macros are an especially attractive target because Office is used by over 1.2 billion users worldwide. 

To protect your business from unnecessary threats, we will identify and disable any untrusted macros so that you can work efficiently without the fear of an attack. Simple.  

Patch Applications 

Application patch management is the process of testing, acquiring, and installing patches (code changes) on your computer systems. By repairing vulnerabilities in your system and identifying defective patches, our experienced team can keep your business updated and secure.  

Application controls 

Application control is a security practice that blocks or restricts unauthorised applications from executing in ways that put your business’ data at risk.  

Our robust application control measures include completeness and validity checks, identification, authentication, authorisation, input controls, forensic controls, and more. 

3. How can Spirit help reduce my business risk of being attacked? 

Over 43% of cyber attacks are on small businesses, and that number keeps on growing. Many businesses believe that a basic firewall and anti-virus package is enough to protect them from cyber crime. Unfortunately, that is not always reality. Trust us, we see it all the time. 

At Spirit, we offer a wide range of cyber security solutions, including expert-level cyber security services through Intalock as part of the Spirit group of companies.We deliver our services through a wealth of experience in understanding data, the lifeblood of any business, and using this to create a bespoke solution, designed just for you. 

We take a unique approach to cyber security. That’s why we’re trusted by many leading brands in Australia. Our dedicated team has decades of experience in understanding your data, its sensitivity and how it is used, stored and shared. This helps us to build and manage innovative solutions that reduce your risk, and most importantly, protect your business. 

Whoever said numbers were the most boring shapes? Our data-centric approach to cyber security is leading in Australia for a reason. We’ll take care of protecting your business, so you can get back to growing your business. Our solutions include: 

Advisory Services 

We’ll help you understand your current state of maturity. All so you can make an informed choice on how to distribute your funds and resources. 

Technical Services 

We’ll implement technical controls to improve the risk posture of your business environment. 

Managed Services 

Leverage world-class 24×7 continuous monitoring, detection and incident response services. 

Security Operations Centre 

24×7 managed security delivered out of multiple Security Operations Centres (SOCs). 

Protect your business from online attacks 

Let’s talk about what these three well-known Australian businesses have in common. Domain experienced a cyber attack that allowed authorised third party access to personal information and demand deposits. Melbourne’s RMIT University has shut down its IT systems to nullify what is believed to be a so-called phishing attack and Nine Entertainment faced major IT issues which hit its broadcast systems*. All three companies fell victim to cyber attacks that caused massive disruption to the business, forcing them to halt operation for a period of time. Now that’s some costly downtime.  

Our word of advice: be cyber-smart and implement security measures to protect your business and its data.   

Our Cyber Security services are everything your business needs to stay safe online. Your team of dedicated IT experts will take care of everything for you, from advisory and technical services to managed response – we’ve got it covered. Literally. 

Don’t lose your hard work to hackers.  

References:

1 Esssential 8
Source: https://www.cyber.gov.au/acsc/view-all-content/essential-eight
2 RMIT shuts down systems after malware hit
Source: https://www.afr.com/technology/rmit-shuts-down-systems-after-malware-hit-20210219-p5745f
3 Data breaches cost the average business almost $6m worldwide
Source: metacompliance
4 Nine Entertainment’s real estate-listing company Domain has fallen victim to cyber criminals
Source: https://www.theaustralian.com.au/business/media/nine-entertainments-rentallisting-company-domain-has-fallen-victim-to-cyber-criminals/news-story/a183492333d1c34cdb899af1ab1220fb

Think we can help your business out? Get in touch now

Related Articles