Reducing cyber risk in your business
Cyber security isn’t about a single factor working in isolation, but a complex interconnection of technology, processes, and people.
To protect your business, it’s important to:
- Learn about threats and risks – and the evolving tactics of cyber criminals
- Take a layered, strategic approach to manage cyber risk exposure
- Enable and encourage simple, actionable steps to improve cyber security.
Many organisations use the defence in depth approach. This approach predicts security risks and applies multiple layers of security. For example, a business might have:
- Security passes to enter the premises
- Systems with user access restricted to only what’s needed for each role
- Learning opportunities for people to meet their security responsibilities
- Robust processes and governance.
Download the full guide
Simple tips for businesses
As well as robust governance and innovative technologies, businesses will continue to benefit from the cyber security basics.
Activate multi-factor authentication (MFA)
Multi-factor authentication should be used across all systems and applications where it’s available.
Run regular back-ups
Regular back-ups will help you recover from a cyberattack that destroys data or prevents technology from functioning, e.g. ransomware.
Patch and update systems and software
Keep operating systems and software up to date with the latest versions to reduce security vulnerabilities.
Restrict privileged access
Privileged accounts should only be used for administrative purposes – and should be restricted and reviewed regularly.
Simple tips for your employees
Employees are often an entry point for cyberattacks, so cyber security education is also an ongoing process. Foster a culture where everyone is responsible for protecting customer information and business assets.
Pause before sharing information
Ask your employees to always think first before sharing sensitive information. And help them understand what is sensitive.
Call out suspicious messages
Let employees know what to do if their device is lost or stolen, or they see anything suspicious.
Activate multi-factor authentication (MFA)
Turn on MFA for important tools such as remote access systems and resources (including cloud services). Turn on automatic updates so phones, laptops, servers, virtual private networks and firewalls get the most recent security patches.
Cyber security is now a pivotal element of business strategy and a core board accountability. Businesses must use capability like AI to our advantage – building it into our defences.
Dr Maria Milosavljevic, data scientist with a background in AI
Key drivers behind the surge in cyber attacks
- Growing number – and increasing seriousness – of risks and dangers
- Complex systems and technology
- Huge growth of data
- Increased connectivity with third parties
- Rapid adoption of transformative technology
- Remote workforce and hybrid workplaces
Generative AI is making scams smarter and harder to spot, from fake invoices to convincing deepfakes. We break down some of the most common AI-related scams and what you can do to keep your business safe.
Popular running your business articles
Related content
Important information
We’ve provided this material as a complimentary service. It is prepared based on information and sources ANZ believes to be reliable. ANZ cannot warrant its accuracy, completeness or suitability for your intended use. The content is information only, is subject to change, and isn’t a substitute for commercial judgement or professional advice, which you should seek before relying on it. To the extent the law allows, ANZ doesn’t accept any responsibility or liability for any direct or indirect loss or damage arising from any act or omissions by any person relying on this material.
Please talk to us if you need financial advice about a product or service. See our Financial Advice Provider Disclosure Statement (PDF 44.6KB).