Making cyber security simple and affordable for small business

Implement your own Cyber Security Solution that meets the Australian Government’s minimum cyber security recommendations

Your DIY Cyber Security Solution

In Australia, cyberattacks are on the rise, and small and medium businesses are suffering the most. In 2022/23, the average financial impact of a cyber security incident for a small business was $46,000, and this figure is increasing every year. So, how do you protect yourself from these growing threats? The answer lies in a set of cyber security strategies known as the Essential Eight.

These strategies were developed by the Australian Government’s Cyber Security Centre and the Australian Signals Directorate, and address the most frequent weaknesses exploited by cyber criminals.

Putting the Essential Eight foundation strategies into place involves a combination of technical actions, administrative controls, and some awareness training for you and your staff. That’s why we developed our “Cyber Security Foundations” Plan – a guided and self-paced, DIY implementation plan for small business that makes it easy.

Get cyber-smart and protect your business, your staff and your customers.

The Impact of a Cyber Security Incident

Whether the incident is a scam email that tricks you into clicking a malicious link, or a full-blown attack that locks all your systems, failure to protect your business can cost you dearly, in many different ways…

Your Cyber Security Plan

Self Assessment

Identify your gaps
The first step is a simplified Essential Eight self-assessment that allows us to understand your current security status and how much effort you'll need to apply to each of the eight strategies.

The Action Plan

What happens next
The results of your self-assessment will be converted into a customised Action Plan with links to multiple training modules covering each of the strategies.

Training Modules

Everything you need
Each module provides background on the risks you face and why you need to take action. It outlines the solutions and provides links to detailed step by step instructions.

Knowledge Base

Implementing your solutions
The knowledge base is where you'll find specific instructions on how to implement the required solutions that will strengthen your cyber security posture. Instructions cover Microsoft and Google platforms.

Security Awareness Training

Your first line of defence
Human error is a key factor in over 90% of cyber issues. You and your staff will be enrolled in a personalised Security Awareness Training program, with easy to follow, bite-sized online sessions.

Resource Library

Essential information and tools
Our resource library provides a wide range of useful information and tools to help secure and protect your business. This includes a set of security policies you can download and modify to suit.

A simple but effective plan to secure your business

What you get...

Plan Term

The "Cyber Security Foundations" Plan provides access to all resources for 12 months.


Plan Cost

Pay just $150 / month (excl. GST) over the 12-month term.


Start Today

Register and start improving your cyber security!


FAQs

Cyber Attack Scenarios

The Essential Eight strategies help businesses of all sizes protect themselves from the ever-increasing number of cyberattacks. This practical and understandable framework was developed by the Australian Government based on analysis of common cyberattack methods, especially those targeting small and medium-sized businesses which are often more vulnerable to attack.

While the Essential Eight is not the only cyber security framework available, it covers both technical and administrative elements for a far more comprehensive approach.

Ironically, while there’s lots of information available on the Essential Eight, many owners simply don’t know where to start, either in identifying the cyber security gaps in their business or in implementing the various solutions available.

The Cyber Security Foundations plan has been designed to guide you through this process from start to finish.

For your convenience, the plan cost is spread equally over 12 months. Payment can only be made by credit card. Your first payment will occur when you register and then monthly in advance by direct debit from your nominated credit card.

If you cancel your plan before the end of the Term, the fees for the remainder of your Term are still payable. If the cancellation is due to unforeseen circumstances outside of your control or undue financial hardship, our team will work with you to manage your payments (including, for example, temporarily suspending your plan or putting in place a payment plan). 

We’ll work with you to ensure you complete your Cyber Security Foundations plan within the allotted 12 months. However, cyber security is not a set-and-forget process, and because you will be much more aware of the risks you face by the end of the initial term, you may wish to implement further protections going forward. We can review your requirements and recommend other suitable programs at that time.

It’s great that you have IT support on hand, either internally or from external suppliers. However, this support tends to be reactive, as IT often only gets involved when, for example, something breaks or you need a new email account set up.

Instead, the resources provided as part of the Foundations plan are guided and strategic, allowing you to accurately determine your current cyber security readiness and to identify the gaps in your defences. Having existing IT support who can work through your plan with you and help with implementing the various solutions is a real advantage and a great place to start.

“Human error is a contributing factor in 95% of all breaches”

Security Awareness Training (which is a critical part of your Human Risk Management) is all about educating you and your staff on cybersecurity risks and best practices. The goal is to promote a culture of security awareness to reduce the risk of security breaches and protect your valuable assets. This is how it works:

  • The Foundations plan includes training for up to 5 people. This covers staff but can extend to family etc. if you only have a couple of staff.
  • Everyone starts off with an online Gap Analysis Questionnaire which will highlight their level of understanding or confusion in terms of the key aspects of information and cyber security.
  • From there, every two to four weeks (you decide on the schedule) they’ll receive self-paced, online training tailored to their specific profile – with emphasis on those areas that need improvement.
  • We monitor each person’s progress, both in terms of them actually undertaking the training and in the results they achieve, and will make that information available on a regular basis for you to review.
  • There are 12 key topic areas covered in the program including internet and email usage, phishing, mobile device security, secure passwords, cloud security, and social media and social engineering.
  • There are over 130 ‘bite-sized’ training modules that lead staff through stages from Beginner and Intermediate to Advanced.
  • In addition to the training, we also coordinate regular email phishing campaigns to test staff awareness.
  • We’ll formally review the training with you at the end of 12 months and, if required, it can be continued as a standalone program.

Yes. You’ll have access to any additional information and updates made to the Knowledge Base and will be able to take advantage of any changes we make to the Foundations Plan.

The self-assessment, our detailed report, the action plan designed for your specific business and the various training modules are, as much as possible, all written in a non-technical, plain English format so they’re easy to understand and simple to follow. However, if there’s anything that doesn’t make sense, you’ll be able to email our team so we can guide you through the process.

Got any other questions?

Get in touch if you’d like to know more about any aspect of the “Cyber Security Foundations” Plan.

Scenario 1: Cybersecurity Attack at Speedy Auto Services

Background

Speedy Auto Services, a small automotive repair shop in Adelaide, has been serving its community for over a decade. With a team of 10 employees, the business prides itself on quality service and strong client relationships. As part of their operations, Speedy Auto Services maintains a database of client records, including personal contact details, service histories, and payment information. They also use online banking for payroll and supplier transactions.

The Incident

In June 2023, one of Speedy Auto Services’ staff members received an email that appeared to be from a trusted supplier. The email, professionally formatted, claimed an urgent invoice update was required and included a link. Trusting the email, the employee clicked the link and logged into what seemed like a legitimate portal.

What the employee didn’t realise was the link directed her to a fake website designed to collect credentials. This action granted attackers access to Speedy Auto Services’ systems, including their client database and banking accounts.

The Consequences

  1. Data Breach:
    The attackers downloaded the entire client database. This exposed sensitive client information, leading to concerns of identity theft and fraud among the company’s customers.
  2. Financial Loss:
    Using stolen banking credentials, the attackers initiated unauthorized transactions, draining several business accounts. The business lost $30,000 before the bank could freeze the accounts.
  3. Reputation Damage:
    News of the breach spread quickly within the community. Many clients expressed distrust and opted to take their business elsewhere, citing concerns over data security.
  4. Operational Disruption:
    The company had to temporarily halt online transactions and revert to manual record-keeping while their systems were assessed and restored. This caused delays in service and strained customer relations further.

The Response

Speedy Auto Services took immediate action to mitigate the damage:

  • Incident Reporting: They reported the breach to their bank, local authorities, and cybersecurity experts.
  • Client Communication: Affected customers were notified about the breach, and the company provided guidance on steps to protect themselves from potential fraud.
  • System Restoration: A cybersecurity firm was hired to assess and secure the systems, including introducing multi-factor authentication (MFA) for sensitive accounts.
  • Training: The company mandated cybersecurity awareness training for all employees to prevent future incidents.

Lessons Learned

  1. Beware of Phishing Attacks:
    Employees learned to scrutinise emails, verifying the sender’s authenticity before clicking on links or providing credentials.
  2. Invest in Security Measures:
    Speedy Auto Services implemented strong firewalls, encrypted their client database, and adopted MFA to add an extra layer of security.
  3. Regular Backups:
    The company began maintaining offline backups of critical data to ensure recovery in the event of future attacks.
  4. Incident Preparedness:
    A response plan was created, outlining steps to take if a similar incident occurs again.

Outcome

Though Speedy Auto Services experienced significant setbacks, their swift response and commitment to improving cybersecurity helped them recover. Over time, transparency and improved security practices restored some client trust, allowing the business to rebuild its reputation and continue serving the community.

Key Takeaway

Cybersecurity is a critical concern for businesses of all sizes. Investing in employee training, strong security practices, and preparedness can significantly reduce the risk and impact of a breach.

Scenario 2: Hacked Supplier Impacts GreenFields Farm Machinery

Background

GreenFields Farm Machinery is a small business specialising in the sale, repair, and maintenance of agricultural equipment. Based in a rural community, the business relies on several key suppliers for parts and software updates for the machinery they sell. One of their main suppliers, AgriParts Co., provides online software systems for managing inventory, processing orders, and updating farm equipment firmware.

The Incident

In August 2023, AgriParts Co. fell victim to a ransomware attack. The attackers gained access to AgriParts’ systems through a phishing email sent to one of their employees. The email appeared to be an internal communication and contained a malicious attachment which, once opened, infected their network.

Because GreenFields Farm Machinery was directly integrated with AgriParts’ system for automated inventory management and software updates, the attackers exploited this connection. Through the compromised supplier’s system, the attackers infiltrated GreenFields’ own network.

How It Happened

  1. Integration Exploitation:
    GreenFields’ systems were connected to AgriParts’ network for seamless inventory tracking and firmware updates. This integration, while convenient, acted as a backdoor for the attackers.
  2. Spread of Malware:
    The attackers deployed malware that spread from AgriParts to GreenFields, encrypting GreenFields’ files and disrupting operations.
  3. Data Theft:
    Sensitive business data, including client details, purchase histories, and pricing information, was accessed by the attackers.

The Consequences

  1. Operational Disruption:
    GreenFields was unable to access its inventory management system or process orders for two weeks. This led to delays in fulfilling customer requests during the peak farming season.
  2. Customer Impact:
    Customers who relied on timely software updates for their machinery faced downtime, leading to lost productivity on their farms.
  3. Financial Loss:
    The business incurred significant expenses in hiring cybersecurity experts to restore their systems and implementing new security measures. Additionally, reputational damage led to a temporary decline in sales.
  4. Supply Chain Complications:
    The attack highlighted vulnerabilities in their supply chain, forcing GreenFields to temporarily halt integration with other suppliers’ systems, increasing manual workload.

The Response

  • Isolating the Network:
    GreenFields immediately disconnected from AgriParts’ system to contain the malware’s spread.
  • Incident Reporting:
    They informed clients and local authorities about the breach, ensuring transparency.
  • System Restoration:
    GreenFields collaborated with cybersecurity professionals to clean and restore their systems. They also implemented stricter access controls and monitoring tools.
  • Supplier Coordination:
    GreenFields worked closely with AgriParts to understand the breach and demanded improved security measures from their supplier before reconnecting.

Lessons Learned

  1. Check Supplier Security Practices:
    GreenFields realised the importance of assessing suppliers’ cybersecurity measures before integrating systems.
  2. Limit Integration Risks:
    The company adopted a policy of minimising direct integration with third-party systems unless absolutely necessary.
  3. Segment Systems:
    They implemented network segmentation to prevent malware from spreading between systems.
  4. Incident Readiness:
    GreenFields developed a comprehensive incident response plan, including regular backups and staff training on identifying cyber threats.

Outcome

Though the incident caused temporary setbacks, GreenFields used the experience to strengthen their cybersecurity posture and establish more robust supplier agreements. The improved practices reduced the risk of future attacks and restored client confidence in their operations.

Key Takeaway

Supply chain vulnerabilities can pose significant cybersecurity risks. Businesses must ensure that their partners maintain high-security standards and limit system integrations to reduce exposure. Proactive measures and strong incident response plans are critical to resilience.

Scenario 3: Cybersecurity Breach at Horizon Auto Dealership

Background

Horizon Auto Dealership is a mid-sized business specialising in selling and financing new and used vehicles. Located in a bustling urban area, the dealership has a reputation for personalised service and offers financing options through partnerships with multiple financial institutions. To streamline operations, Horizon uses an integrated IT network that connects their client database with financing provider portals.

The Incident

In February 2024, an attacker contacted a Horizon employee posing as a representative from a trusted IT vendor. The attacker claimed they needed access to the dealership’s systems to perform an urgent software update. The attacker’s approach was highly professional and convincing, using detailed knowledge of the dealership’s IT setup, which they likely gathered through prior reconnaissance.

Trusting the caller, the employee provided his login credentials to the attacker. These credentials granted the attacker access to the dealership’s network, where they quickly escalated privileges and infiltrated multiple systems.

How It Happened

  1. Social Engineering:
    The attacker exploited human trust, presenting themselves as a legitimate contact. The employee was not aware of specific protocols for verifying external requests.
  2. Credential Access:
    With the employee’s credentials, the attacker accessed Horizon’s IT network and sensitive systems without raising alarms.
  3. Network Infiltration:
    The attacker explored the dealership’s client database, which contained personally identifiable information (PII) such as names, addresses, phone numbers, and email addresses.
  4. Finance Portal Breach:
    Using the same credentials, the attacker accessed the dealership’s connection to their finance providers’ portal. This portal held detailed records of client loans and personal client information, as well as bank account numbers and credit card information.

The Consequences

  1. Client Data Exposure:
    The personal information of hundreds of clients was compromised, making them potential targets for identity theft and fraud.
  2. Financial Information Theft:
    The attacker downloaded sensitive financial records, including loan details and payment histories, causing widespread panic among clients.
  3. Regulatory Scrutiny:
    The dealership faced potential fines for failing to adequately protect sensitive client information, as required by data privacy laws.
  4. Reputational Damage:
    Public trust in Horizon Auto Dealership plummeted. Many clients expressed concern about their data being mishandled, leading to a noticeable drop in sales.
  5. Operational Disruption:
    Systems were taken offline for several days during the investigation and recovery process, causing significant business delays.

The Response

  • Immediate Containment:
    Horizon disabled the employee’s credentials and isolated the affected systems to prevent further damage.
  • Investigation and Notification:
    The dealership worked with cybersecurity experts to understand the breach’s full scope. They also notified affected clients and relevant authorities about the incident.
  • System Restoration:
    Horizon rebuilt and secured their IT systems, adding multiple layers of protection, including multi-factor authentication (MFA) and intrusion detection systems.
  • Employee Training:
    The dealership launched a comprehensive cybersecurity awareness program to train employees on recognizing social engineering tactics.

Lessons Learned

  1. Verify External Requests:
    Employees must verify the identity of anyone requesting access to sensitive systems through official channels.
  2. Strengthen Authentication:
    Horizon implemented MFA to ensure that stolen credentials alone could not grant access.
  3. Monitor for Suspicious Activity:
    Improved network monitoring tools were deployed to detect and respond to unusual activities.
  4. Regular Training:
    Ongoing cybersecurity education became mandatory for all employees to reduce the likelihood of future incidents.

Outcome

While the breach caused significant financial and reputational damage, Horizon Auto Dealership’s swift response and commitment to strengthening their cybersecurity posture helped them rebuild client trust over time. The incident underscored the importance of vigilance and robust security practices in an increasingly digital world.

Key Takeaway

Social engineering is a powerful tactic that can bypass technical defences. Businesses must combine technical safeguards with employee education and verification protocols to protect sensitive information effectively.

Scenario 4: System Breach at Precision Crash Repairs Forces the Business to Close!

Background

Precision Crash Repairs was a small, family-run business that specialised in repairing damaged vehicles. Known for their quality workmanship, the business relied on their IT systems for managing client records, parts inventory, and financial transactions. However, due to limited resources and technical expertise, their IT systems operated on older versions of software and operating systems that had not been updated or patched for several years.

The Incident

In late 2023, an attacker identified vulnerabilities in Precision Crash Repairs’ outdated systems. Exploiting these weaknesses, the attacker infiltrated the business’s network without detection.

The attacker remained hidden for several months, during which they:

  1. Monitored Business Activity:
    The attacker observed financial transactions, including access to bank accounts and client payment details.
  2. Stole Funds Gradually:
    Small amounts of money were siphoned from the business’s accounts over time to avoid raising suspicion.
  3. Launched a Final Attack:
    When the attacker was ready to execute the final stage, they emptied all remaining funds from the bank accounts. They also deployed ransomware that locked the business out of their systems, encrypting critical files needed for operations.

Discovery and Response

By the time the owners of Precision Crash Repairs realized what had happened, it was too late:

  • Their bank accounts were drained, leaving the business unable to pay suppliers, staff, or ongoing expenses.
  • Their systems were completely inoperable due to ransomware encryption, halting all operations.
  • Without proper backups, retrieving critical files was impossible without paying the ransom, which the business could no longer afford.

The Consequences

  1. Financial Loss:
    The business lost over $200,000 in stolen funds, crippling its cash flow.
  2. Operational Shutdown:
    The encrypted systems made it impossible to access client records, ongoing projects, or inventory management tools.
  3. Reputational Damage:
    News of the attack and inability to fulfill client commitments damaged trust among customers.
  4. Closure:
    The combined financial loss, cost of rectifying the situation, and inability to compete in the highly competitive crash repair industry forced Precision Crash Repairs to shut down within three months of the incident.

Lessons Learned

  1. Keep Systems Updated:
    Outdated software and operating systems are highly vulnerable to exploitation. Businesses must prioritise regular updates and patching.
  2. Invest in Cybersecurity:
    Even small businesses need basic protections such as firewalls, antivirus software, and intrusion detection systems.
  3. Backup Critical Data:
    Regularly backing up data to secure, offline storage ensures that businesses can recover quickly after an attack.
  4. Monitor for Unusual Activity:
    Financial accounts and system logs should be monitored for suspicious activity to detect breaches early.
  5. Awareness and Training:
    Business owners and employees should understand the risks of cyber threats and the importance of proactive cybersecurity measures.

Key Takeaway

Precision Crash Repairs’ experience highlights the devastating impact of neglecting cybersecurity. Cybercriminals often target small businesses that lack robust defences, and the consequences can be catastrophic. Businesses must recognise that cybersecurity is an essential investment, not an optional expense.

Scenario 5: Malicious Software Infects Reliable Auto Repairs

Background

Reliable Auto Repairs is a small automotive repair shop that relies on computers for scheduling appointments, maintaining customer records, and managing inventory. The business operates a small local network connecting three computers, including one used by employees for shared tasks. Unfortunately, the shop lacked formal cybersecurity measures and had no policies restricting personal use of business devices.

The Incident

In April 2024, an employee used one of the shop’s computers to check his personal email during a lunch break. He clicked on an attachment in an email that appeared to be a receipt from an online purchase. Unbeknownst to the employee, the attachment contained malicious software.

After viewing the email, he logged out of his account and left the computer. The malware, now installed, began spreading silently across the business’s local network.

Signs of Infection

Over the next week, the business experienced several unusual issues:

  1. System Slowness:
    The computer Tom used became noticeably slower, but the owner attributed it to the machine’s age.
  2. File Access Issues:
    Some files became inaccessible, and others displayed errors when opened.
  3. System Crashes:
    Multiple computers on the network began crashing unexpectedly.
  4. Ransomware Activation:
    By the end of the week, all devices on the network displayed a pop-up message informing the business that their files had been encrypted. The message demanded a ransom payment in cryptocurrency to unlock the files.

The Consequences

  1. Data Loss:
    All customer records, financial data, and inventory management files were encrypted, rendering them unusable. The shop had no recent backups to recover the data.
  2. Operational Disruption:
    Without access to their files or systems, Reliable Auto Repairs had to halt operations. This resulted in cancelled appointments and frustrated customers.
  3. Financial Impact:
    The ransom demanded was $15,000, an amount the business could not afford. In addition, the shop lost significant revenue during downtime.
  4. Reputational Damage:
    Customers lost trust in the shop’s ability to manage sensitive information securely.

The Response

Reliable Auto Repairs sought help from a local IT support provider. Unfortunately, the lack of backups meant that most files could not be recovered. The shop decided not to pay the ransom, as there was no guarantee the attackers would restore access to the files.

The business rebuilt their systems from scratch, a process that took weeks and incurred significant costs. They also implemented basic cybersecurity measures to prevent future incidents.

Lessons Learned

  1. Limit Personal Use of Business Devices:
    The shop established a strict policy prohibiting personal use of business computers.
  2. Invest in Cybersecurity Tools:
    Reliable Auto Repairs installed antivirus software and a firewall to detect and block malicious activity.
  3. Employee Awareness:
    The owner required all staff to undergo basic training on identifying phishing emails and the dangers of opening unknown attachments.
  4. Regular Backups:
    The shop began performing regular backups to an external, offline storage device to ensure data could be recovered in the future.
  5. Monitor Systems for Issues:
    Unusual behaviour, such as slowness or file access issues, was recognized as a potential sign of malware infection, prompting immediate action.

Outcome

Though the shop eventually recovered, the incident caused significant financial and reputational harm. Reliable Auto Repairs now takes cybersecurity seriously and has strengthened its defences against similar attacks.

Key Takeaway

Even a single careless action can lead to severe consequences for a business. Small businesses must establish clear cybersecurity policies, train employees, and adopt preventive measures to protect against evolving cyber threats.
