Preparing your business for an information technology (IT) threat

A cybercrime is reported in Australia every few minutes and results in the loss of millions of dollars every year. Online security is vital to protect your electronic data, information technology (IT) systems and customer or client details.

Potential IT threats include:

  • cyber attacks, data hacking, online scams
  • IT failure or system outage.

Make a plan

To prepare for, respond to, and recover from disasters and emergencies, your business should develop the following types of plans:

Note: By law, you must have an emergency plan for your business.

Prepare for an IT threat

Protect your business

The Australian Cyber Security Centre (ACSC) recommends the following 3 actions for all small businesses:

  • turn on multi-factor authentication
  • update your software
  • back up your information.

For more information download ACSC's Small Business Cyber Security Guide.

We recommend working with an IT professional or trusted advisor if you need help with the above.

Protect your customer data

Make sure your staff understand good cyber security practices.

Respond to an IT threat

A data breach is when personal information gets lost or disclosed without permission. If your business is covered by the Privacy Act, and you have a data breach that is likely to result in serious harm, you must report the data breach.

  • Check for any suspicious activity, unauthorised bank withdrawals or unauthorised access to customer information.
  • Assess what information has been breached, the cause and extent of the breach, and what you can do to fix the issue, including:
    • advising staff not to share or click on links in suspect emails
    • backing up your system
    • shutting down the breached system (if possible)
    • changing computer access privileges and passwords
    • appointing an external IT or cyber security expert.
  • Assess if the data breach will result in serious harm to anyone whose information was involved. You have a legal requirement to report unauthorised access of personal information held by your business if it could result in serious harm.

Take action if these situations occur:

  • financial details or credit cards have been fraudulently accessed
    • notify your bank or other financial institution immediately
    • suspend accounts or take other action
  • consult with law enforcement agencies who are investigating the breach before making details of any fraudulent activity public
  • when serious harm has occurred, you are legally required to
  • offer support to staff if they have been affected.

Cybercrime

Report computer or online crimes (e.g. fraud, online image abuse, identity theft or threats and intimidation) to police using ReportCyber.

Data breaches

Notifiable data breaches must be reported online using the notifiable data breach form or by calling 1300 363 992.

Note: You may have a legal requirement to report unauthorised access of personal information held by your business if it could result in serious harm.

Cyberbullying

Report cyberbullying, image-based abuse or illegal and harmful content to the eSafety Commissioner.

Recover from an IT threat

  • Fully investigate the data breach (or have an IT expert investigate).
  • Monitor your systems for any ongoing suspicious activity.
  • Consider how you handled the crisis and identify and document lessons learned.
  • Update or enhance IT security systems to detect and prevent future breaches.
  • Update your business continuity and cyber security emergency plan.
  • Train staff in updated policies and procedures.

Communication tips

Communication is crucial during and after an IT incident. Your staff and customers will want to know what measures you're taking to manage the incident, reduce its impact and prevent it from happening again.

Learn more about responding to negative social media or media coverage.

Consider who your business needs to communicate with during and after an emergency.

Key stakeholders may include:

  • staff
  • a regulatory body or agency
  • customers, clients or guests
  • suppliers and distributors
  • an industry body.

To communicate to stakeholders:

  • use available communication channels to get the message out widely
  • keep customers, suppliers and stakeholders updated about your business operations
  • let people know about recovery steps, milestones, or successes.

We are contacting you to let you know a data breach has affected your personal data. On (date), we detected a breach of our organisation's IT security. As a result, some of your information has been accessed (provide type of data if possible – e.g. contact details).

We've launched a full investigation to resolve the issue and we're working closely with authorities (the Australian Cyber Security Centre, the Australian Federal Police and/or the Australian Information Commissioner).

We're taking the following steps to protect you:

  • engaging an external cyber security agency to ensure we've taken all possible measures to minimise the impact of this security breach and reduce the risk of it happening again
  • continuing to monitor for suspicious activity and coordinating with relevant authorities and agencies
  • continuing to improve our systems to detect and prevent unauthorised access to user information.

We take our obligations to safeguard your personal data very seriously. We recommend you consider taking the following steps to protect against any further access to your (personal information or account details). As further safeguards:

  • update your password – use at least 12 characters including numbers, symbols, capital letters and lower-case letters (avoid using date of birth or names)
  • review and update your contact methods for resetting passwords
  • review your account transactions and let us know if you notice anything suspicious
  • don't open attachments or click on links from unknown sources
  • ignore unsolicited communications that ask for your personal data or refer you to a web page asking for personal data
  • also report anything out of the ordinary to (provide details).

We sincerely apologise for any inconvenience this breach may have caused. If you have any questions or concerns please don't hesitate to contact us via (email and/or phone).

We'll keep you informed if there is any further information about this breach.

  • Our (telephone/online services/website) have been disrupted today due to unexpected technical issues.
  • Our team is working to resolve the issue as soon as possible. We'll provide updates as soon as more information is available.
  • We apologise for any inconvenience this may have caused. If you urgently need to contact us, please (phone/email/message or visit us at).
