Australian businesses are completely unprepared
“Organisations across Australia don’t really understand the risks, or what is required and they are not implementing technology or procedures to reduce the risk,” said Security In Depth chief executive Michael Connory.
Australian businesses are “completely unprepared” for cyber attacks or data breaches, with reported incidents increasing by more than 700 per cent since February last year, costing the nation $7.8 billion, a report has revealed.
The Australian Cyber Security Center – The Facts 2020-2021
- Over 67,500 cybercrime reports, an increase of nearly 13 per cent from the previous financial year.
- Self-reported losses from cybercrime total more than $33 billion.
- Approximately one quarter of reported cyber security incidents affected entities associated with Australia’s critical infrastructureThe physical or virtual systems and assets that are vital to an organisation or country. If these systems are compromised, the result would be catastrophic. If an organisation's mission critical processes are interrupted, this could result in the organisation ceasing to exist. If a country's critical infrastructure is destroyed, it will have severe negative impact on national security, economic stability, citizen safety and health, transportation and communications..
- Over 1,500 cybercrime reports of malicious cyber activity related to the coronavirus pandemic (approximately four per day).
- More than 75 per cent of pandemic-related cybercrime reports involved Australians losing money or personal information.
- Nearly 500 ransomwareA form of malware that holds a victim's data hostage on their computer typically through robust encryption. This is followed by a demand for payment in the form of Bitcoin (an untraceable digital currency) in order to release control of the captured data back to the user. cybercrime reports, an increase of nearly 15 per cent from the previous financial year.
- Fraud, online shopping scams and online banking scams were the top reported cybercrime types.
- An increase in the average severity and impact of reported cyber security incidents, with nearly half categorised as ‘substantial’.
Read the full report here.
What PDSS has to offer.

PDSS are a specialised group of highly experienced cyber system specialists. We’re intensely involved with our clients, their systems, their processes and what’s important to them for their business.
Our team has shared values and experience when you need it. We value building client trust for long term business relationships which in turn provide growth both for our clients and for us.
Our greatest ambassadors are our existing clients.
Our drive to perform with pragmatism, value and client satisfaction, are the ultimate measures of our performance.
An effective ISO 27001 information security management system (ISMS) provides a management framework of policies and procedures that will keep your information secure, regardless of the format.
The flexibility of the framework allows other standards and contractual requirements to be easily integrated into the controls making only one system to follow in your business.
it was troubling that among almost 2000 companies – in sectors including finance, health, education, government, manufacturing, technology, professional services and retail – almost 40 per cent did not provide any cyber awareness training to staff.
Security In Depth chief executive Michael Connory.
Further, more than 70 per cent of all data breaches at Australian businesses were caused by human error.
Why SMEs need data security.
It is not just about meeting contractual requirements, it is about business survival.
Across the board, small businesses tend to have easier security to crack than their larger counterparts. This has been true for almost as long as the internet has been available, but hackers have historically tended to focus on the bigger targets due to the ratio of effort and risk to reward.
While larger businesses have been hardening their defences, smaller businesses have had a tendency to believe that they are beneath the radar of hackers. This happens with troubling frequency even when that particular business has suffered a data breachThe occurrence of disclosure of confidential information, access to confidential information, destruction of data assets or abusive use of a private IT environment. Generally, a data breach results in internal data being made accessible to external entities without authorisation. in the past.
I have an IT Provider

Most businesses outsource their IT services as this is a cost effective, provides expertise, and access to resources like a help desk.
Of course, outsourcingThe action of obtaining services from an external entity. Rather than performing certain tasks and internal functions, outsourcing enables an organisation to take advantages of external entities that can provide services for a fee. Outsourcing is often used to obtain best-of-breed level service rather than settling for good-enough internal operations. It can be expensive and increases an organisation's security risk due to the exposure of internal information and data to outsiders. also has its disadvantages.
For instance, trusting a third-party provider for all of your company’s IT
needs can create serious security issues.
OutsourcingThe action of obtaining services from an external entity. Rather than performing certain tasks and internal functions, outsourcing enables an organisation to take advantages of external entities that can provide services for a fee. Outsourcing is often used to obtain best-of-breed level service rather than settling for good-enough internal operations. It can be expensive and increases an organisation's security risk due to the exposure of internal information and data to outsiders. is not a panacea, if your business is having trouble managing technology on its own, it’s likely that an IT outsourcing provider will be bound by the same constraints that make in-house management difficult — poor system construction, inefficient communication, and lack of scalability. These problems are not something an outsourcingThe action of obtaining services from an external entity. Rather than performing certain tasks and internal functions, outsourcing enables an organisation to take advantages of external entities that can provide services for a fee. Outsourcing is often used to obtain best-of-breed level service rather than settling for good-enough internal operations. It can be expensive and increases an organisation's security risk due to the exposure of internal information and data to outsiders. company will be able to fix overnight.
You cannot rely on your provider knowing what your specific requirements or contractual obligations are in relation to data security.
What is you back up schedule?
Does your telephony go though your firewallA security tool, which may be a hardware or software solution that is used to filter network traffic. A firewall is based on an implicit deny stance where all traffic is blocked by default. Rules, filters or ACLs can be defined to indicate which traffic is allowed to cross the firewall. Advanced firewalls can make allow/deny decisions based on user authentication, protocol, header values and even payload contents.?
Has a back up image been restored to make sure it works? How long it will take?
How are old computers and the disk drives disposed of?
How do you manage who has access to your data?
PDSS can bridge that gap by installing ISMS procedures and putting management and oversight of your provided IT systems back under your control.