Cybersecurity strategies for protecting your business – Part 1

As we become increasingly reliant on technology in our personal and professional lives, the risk of being targeted by cybercriminals also increases. In fact, according to the ACSC’s latest annual cyber threat report, during the 2021–22 financial year:

  • Over 76,000 cybercrime reports were made via ReportCyber, an increase of nearly 13 percent from the previous financial year.
  • Financial losses due to business email compromise (BEC) increased to over $98 million, with an average loss of $64,000 per report.
  • One cybercrime report is made approximately every 7 minutes.
  • Medium-sized businesses had the highest average loss per cybercrime report where a financial loss occurred. The average cost per cybercrime report increased by 14 percent, to over $39,000 for small businesses, $88,000 for medium businesses, and over $62,000 for large businesses.
  • The number of publicly reported software vulnerabilities (Common Vulnerabilities and Exposures – CVEs) worldwide has increased by up to 25 percent.
  • 150,000 to 200,000 Small Office/Home Office routers in Australian homes and small businesses are vulnerable to compromise, including by state actors.

Figure: Cybercrime reports and average reported loss by organisation size for the financial year 2021–22. Source: ACSC Annual Cyber Threat Report 2022.

Figure: Cybercrime reports by type for the financial year 2021–22. Source: ACSC Annual Cyber Threat Report 2022.

Businesses that fall victim to cyberattacks can suffer devastating consequences. So how can you protect your business from cybercrime? Here are a few strategies to get you started!

Security Assessment

A security assessment is an important part of any ISO 27001 compliance effort. By establishing a baseline and closing existing vulnerabilities, organisations can improve their overall security posture. However, assessments can be time-consuming and resource-intensive, so it’s important to consider the scope and objectives of the assessment before starting the process. When was your last assessment? Are you due for another one? Depending on the size and complexity of your organisation, you may need to conduct an assessment more or less often. But regardless of how often you assess your security, it’s always important to stay up to date on the latest threats and vulnerabilities. By keeping your assessment program current, you can help ensure that your organisation is as secure as possible.

Spam E-mail

Now more than ever, email security is critical for businesses. With the increasing reliance on email for communication, both internally and externally, it is essential to have a secure email system in place. There are a number of ways to secure email, and the best approach depends on the needs of the business. However, some common email security measures include using a secure email service, encrypting email communications, and implementing two-factor authentication. By taking these steps, businesses can help to protect themselves from email-based attacks.


Cybersecurity consultants recommend that organisations implement security policies to limit user access and control what users can do on their devices. One way to do this is to restrict or deny access to USB storage devices. This helps to prevent users from downloading sensitive data or introducing malware onto the network. Another security measure is to enable enhanced password policies. This requires users to create strong passwords that are difficult to guess. It also limits the number of failed login attempts and forces users to change their passwords on a regular basis. Finally, setting user screen timeouts helps to prevent unauthorised access in case a user leaves their device unattended. By implementing these security measures, organisations can help to protect their networks from cybersecurity threats.

Cybersecurity Awareness

Cybersecurity awareness training is essential for all organisations in today’s cybersecurity landscape. By educating employees about data security, email attacks, and your policies and procedures, you can help to protect your organisation from potential threats. However, designing and delivering effective security awareness training can be a challenge. That’s where we can help. Our team of cybersecurity consultants can work with you to create a customised training solution that meets your specific needs. We can also provide “done for you” security policies that are designed to help you meet ISO 27001 compliance requirements. Whether you’re just getting started with security awareness training or looking to improve your existing program, we can help.

Advanced Endpoint Detection & Response

It is critical that businesses have the latest IT solutions in place to protect their data from malware, viruses, and ransomware. Antivirus software is no longer enough – businesses need advanced endpoint security. The latest technology can detect and respond to fileless and script-based threats, as well as roll back a ransomware attack. This is essential for businesses of all sizes that want to protect their data and avoid the costly consequences of a cyberattack. Investing in the latest IT solutions will help keep your business safe and secure.

Cybercrime Is Getting Worse

Unfortunately, cybercrime is only getting worse and business owners must be vigilant in their efforts to protect themselves. But it’s important to remember that no single method is perfect and that you should always be vigilant in protecting your data. The best way to stay ahead of the game is to partner with an IT company that will help you create a comprehensive plan that includes multiple layers of protection. Here at AWD, we specialise in IT and cybersecurity and would love to chat with you about how we can help keep your business safe. Give us a call at 1300 855 651 or book your free consultation session by filling out the form.

In the next part of this blog series, we will provide five more specific ways you can protect your business from the impact of a cyberattack.
