Synopsis
In the rapidly evolving digital landscape, small to medium enterprises (SMEs) and non-profit organisations (NFPs) in Australia face unique cybersecurity challenges. Limited resources, heightened exposure to cyber threats, and the critical nature of their operations necessitate robust and actionable cyber resilience strategies.
This presentation outlines the cybersecurity challenges faced by SMEs and NFPs, discusses relevant case studies, highlights actionable industry practices and frameworks, provides practical solutions for implementation, and concludes with a compelling message on the business and community benefits of cyber resilience and compliance.
Key Topics:
Cybersecurity Challenges:
SMEs and NFPs often have limited budgets and IT resources, making them attractive targets for cybercriminals. The presentation will highlight the most common threats and indicators of compromise, including phishing, ransomware, website and social media impersonation, deepfakes, and data breaches, and the significant impact these threats can have on operations and reputation.
Relevant Case Studies:
The presentation will discuss relevant case studies such as the 2020 Anglicare Sydney ransomware attack, the 2021 UnitingCare Queensland ransomware attack, and the results of the 2020 ACSC SMB Survey. These analyses illustrate the real-world impact of cyber threats on businesses and highlight the vulnerabilities that can be exploited. Attendees will gain insights into the methods and consequences of these attacks and will be equipped with practical steps to protect their organisations.
Actionable Industry Practices and Frameworks:
The presentation will highlight the relevance of industry best practices and frameworks for enhancing cyber resilience. Key guidelines from the Australian Cyber Security Centre (ACSC) Essential Eight and the NIST Cybersecurity Framework (CSF) will be discussed. Specific strategies will include:
• Employee Training: Implementing comprehensive cybersecurity awareness programs.
• Identity and Access Management: Enforcing role-based access controls, strong password policies and multi-factor authentication (MFA).
• Network Security: Utilising network segmentation and regular software updates.
• Data Protection: Employing encryption and regular data backups (not just replication, as replication may not help with recovery from ransomware attacks).
• Application and OS Patching: Automated patching using economical centralised Mobile Device Management (MDM) tools such as Intune and/or Jamf.
Practical Solutions:
The presentation will discuss practical solutions including developing a robust incident response plan, establishing an incident response team, and conducting regular security drills. Attendees will also learn about leveraging external resources such as threat intelligence sharing platforms and affordable cybersecurity tools.
Call to Action:
The presentation will emphasise the importance of timely threat intelligence, industry collaboration, and continuous improvement to stay ahead of evolving threats. Attendees will be urged to adopt the discussed strategies and integrate them into their daily operations.
Conclusion:
The presentation will conclude by highlighting how cyber resilience and compliance can be powerful business enablers, helping build trust with customers, partners, and stakeholders and fostering business growth. For SMEs, strong cybersecurity can unlock new market opportunities and partnerships by meeting stringent security standards. For NFPs, enhanced cybersecurity enables better service to stakeholders and communities, ensuring continuity and integrity. By embracing these strategies, SMEs and NFPs in Australia can secure their future, drive growth, and significantly impact their fields.