3 Steps to Help Keep you Cyber Safe

Cyber safety starts with protection, awareness and preparation

It’s no longer new news that cyber risks are a significant challenge for individuals, businesses and governments. The same applies for small businesses – on average there is a cyber attack reported in Australia every 10 minutes. What’s even more devastating is that according to the Australian Cyber Security Commission (ACSC) many SME’s only partially recover from a cyber incident, permanently loosing critical data.

There are many steps you can take before, during and after a cyber incident that can help contain and manage the damage if not prevent it. As with any disaster or unfortunate incident, having preventative measures in place, as well as a response plan can help lessen the impact of a cyber-attack.

Below, we outline some tips around cyber safety, broken down into 3 steps for you to consider implementing:

Protection

• Identify and protect your assets – Identify the data, devices and systems that enable your organisation to achieve its business purposes.
• Manage cyber risk – Identify, assess and manage the cyber security risks to your organisation’s data, systems, people and supply chain.
• Know who has access – Manage physical access to facilities and logical access to systems and devices.
• Back up – Ensure you regularly back-up important data and information to reduce the damage in case a breach occurs.
• Strong passwords – Ensure that you use ‘smarter passwords‘ which contain multiple numbers, letters, symbols and are unique to you and where possible use multi-factor authentication.

Awareness

• Smarter Protection – Have clear policies & security measures relating to your systems, data protection and privacy in case a breach occurs. Ensure your employees are aware of this.
• Acceptable use – Put in place a policy that stipulates the constraints and practices a user must agree to for access to your network and systems. Ensure that individuals are aware of and attest to having read and understood the policy.
• Awareness is action – Train your employees on the risks and importance of protecting sensitive information – especially personal information.
• On-going education – Provide regular awareness sessions to employees on how to identify irregular behaviour and how to be vigilant.

Preparation

• Response – Ensure that you have plans in place to respond to an incident and test them regularly, if possible, with internal and external stakeholders (i.e. legal, PR, crisis management etc.).
• Recovery – Ensure that processes are in place to minimise the downtime of systems and assets impacted by a cyber event and test them regularly.

It is vital for residential construction businesses to consider how they are mitigating cyber risks. A HIA Insurance Services specialist can help you to understand the risks commonly found in your industry and what options you have to help protect your business.