top of page

Defending Against Cyber Security Threats

Cloud computing has delivered businesses amazing efficiencies. Yet in a world where sensitive personal data is connected to the web that poses a threat for data custodians and clients alike.

With the COVID-19 pandemic cybercriminals have come out of the woodwork and everyone is a potential target. You just have to look at Optus this week, Australia’s second-largest telco, was the target of a malicious cyber-attack, resulting in potentially millions of customers personal information being compromised.

If you are an Optus customer your name, date of birth, phone number, email addresses may have been released. For some customers identity document numbers such as driver’s licence or passport numbers could be in the hands of criminals. It is important to be aware that you be may be at risk of identity theft and take urgent action to prevent harm.

Optus customers should take immediate steps to secure all of their accounts, particularly bank and financial accounts. You should also monitor for unusual activity on your accounts and watch out for contact by scammers.

Scamwatch is warning Optus customers to protect their accounts and watch out for scams and take steps to secure their personal information. Scammers may use your personal information to contact you by phone, text or email. Never click on links or provide personal or financial information to someone who contacts you out of the blue. Learn how to protect yourself from scams by visiting

This situation highlights for all businesses the importance of considering cyber security because there’s a risk to your reputation and of losing clients, and from a legal perspective, you can get into trouble if you don’t adhere to cyber laws in Australia, such as reporting notifiable data breaches to the Office of the Australian Information Commissioner (OAIC).

The Australian Cyber Security Centre (ACSC) is the lead Australian Government agency in improving cyber security in Australia, and is providing advice and technical assistance to Optus in this situation.

The ACSC has a wealth of information and advice on how to improve your cyber security at the ACSC website

For Small Businesses, we recommend reading the ACSC 'Small Business Cyber Security Guide' which helps small businesses protect themselves from the most common types cyber security incidents, such as malicious software (malware), scam messages (phishing) and ransomware.

Another great resource provided are the step-by-step guides detail basic cyber security instructions for specific software, applications and devices.

The ACSC has also published updated ransomware advice, to help protect against and respond to ransomware attacks.

The ACSC urges all Australians to report cybercrime and cyber incidents to ReportCyber available at, or through the 24/7 Australian Cyber Security Hotline (1300 CYBER1)

Steps to protect your business against cyber threats include:

✔️ automatically update your operating system, software and apps

✔️ regularly backup your important data

✔️ train your staff to recognise suspicious emails and attachments

✔️ enable multi factor authentication to access services

✔️ do not share accounts or passphrases/ passwords between staff

✔️ remember to revoke access, delete accounts and/or change passphrases/passwords when an employee leaves, or if you change providers

✔️ consider using a password manager to save your passphrases freeing you of the burden of remembering which passphrase goes where

✔️ consider cyber security insurance to protect your business

Steps you can take to protect your personal information, devices and accounts include:

✔️ secure your devices and monitor for unusual activity

✔️ change your online account passwords

✔️ use strong passwords and enable multi factor authentication

✔️ check bank accounts for unusual activity such as items you haven’t purchased

✔️ place limits on accounts or ask the bank how you can secure your money

✔️ if you suspect fraud, you can request a ban on your credit report

Steps you can take to protect your devices and accounts include:

✔️ turn on automatic updates for devices and apps

✔️ activate multi-factor authentication (MFA)

✔️ backup your devices to an external storage device or to the cloud

✔️ where MFA is not available set secure passphrases

✔️ watch out for scams: email, SMS, phone calls and social media trying to trick you


bottom of page