Making cyber security simple and affordable for small business
Implement your own Cyber Security Solution that meets the Australian Government’s minimum cyber security recommendations
Your DIY Cyber Security Solution
In Australia, cyberattacks are on the rise, and small and medium businesses are suffering the most. In 2022/23, the average financial impact of a cyber security incident for a small business was $46,000, and this figure is increasing every year. So, how do you protect yourself from these growing threats? The answer lies in a set of cyber security strategies known as the Essential Eight.
These strategies were developed by the Australian Government’s Cyber Security Centre and the Australian Signals Directorate, and address the most frequent weaknesses exploited by cyber criminals.
Putting the Essential Eight foundation strategies into place involves a combination of technical actions, administrative controls, and some awareness training for you and your staff. That’s why we developed our “Cyber Security Foundations” Plan – a guided and self-paced, DIY implementation plan for small business that makes it easy.
Get cyber-smart and protect your business, your staff and your customers.
The Impact of a Cyber Security Incident
Whether the incident is a scam email that tricks you into clicking a malicious link, or a full-blown attack that locks all your systems, failure to protect your business can cost you dearly, in many different ways…
- Lost revenue
- Funds stolen from bank accounts
- Business disruption and downtime
- Loss of your business IP
- Stolen customer data
- Ransom payments
- Impact on your reputation
- Lost customers
- Legal and accounting costs
Your Cyber Security Plan
Self Assessment
The Action Plan
Training Modules
Knowledge Base
Security Awareness Training
Resource Library
A simple but effective plan to secure your business
What you get...
- Secure online portal to manage your Plan
- Self assessment of your current cyber security status
- Detailed report and prioritised action plan specific to your business ($800)
- Comprehensive training modules on each Essential Eight strategy
- Easy to follow, step by step instructions and checklists
- Monthly reviews and updates to keep you on track
- Security Awareness Training tailored to each user's needs ($600)
[Foundations plan includes up to 5 users] - Bite-sized sessions keep everyone productive
- Download cyber security policies every business should have ($1,200)
- Monthly webinars to attend or watch in your own time
- Access to a comprehensive resource library
- Regular security notices to keep your business safe
- A guided, self-paced program you can implement in stages
Plan Term
The "Cyber Security Foundations" Plan provides access to all resources for 12 months.
Plan Cost
Pay just $150 / month (excl. GST) over the 12-month term.
Start Today
Register and start improving your cyber security!
Examples of What You Get
This section is currently under development
FAQs
Cyber Attack Scenarios
Why do you use the Essential Eight mitigation strategies?
The Essential Eight strategies help businesses of all sizes protect themselves from the ever-increasing number of cyberattacks. This practical and understandable framework was developed by the Australian Government based on analysis of common cyberattack methods, especially those targeting small and medium-sized businesses which are often more vulnerable to attack.
While the Essential Eight is not the only cyber security framework available, it covers both technical and administrative elements for a far more comprehensive approach.
Ironically, while there’s lots of information available on the Essential Eight, many owners simply don’t know where to start in both identifying the cyber security gaps in their business or in implementing the various solutions available.
The Cyber Security Foundations plan has been designed to guide you through this process from start to finish.
What payment methods do you offer?
For your convenience, the plan cost is spread equally over 12 months. Payment can only be made by credit card. Your first payment will occur when you register and then monthly in advance by direct debit from your nominated credit card.
If you cancel your plan before the end of the Term, the fees for the remainder of your Term are still payable. If the cancellation is due to unforeseen circumstances outside of your control or undue financial hardship, our team will work with you to manage your payments (including, for example, temporarily suspending your plan or putting in place a payment plan).
What happens at the end of 12 months?
We’ll work with you to ensure you complete your Cyber Security Foundations plan within the allotted 12 months. However, cyber security is not a set and forget process and as you will be much more aware of the risks you face by the end of the initial term, you may wish to implement further protections going forward. We can review your requirements and recommend other suitable programs at that time.
I already have IT support. Why do I need this program?
It’s great that you have IT support on hand, either internally or from external suppliers. However, this tends to be responsive as IT often only gets involved when, for example, something breaks, or you need a new email account set-up.
Instead, the resources provided as part of the Foundations plan are guided and strategic, allowing you to accurately determine your current cyber security readiness and to identify the gaps in your defences. Having existing IT support who can work through your plan with you and help with implementing the various solutions is a real advantage and a great place to start.
How does the Security Awareness Training work?
“Human error is a contributing factor in 95% of all breaches”
Security Awareness Training (which is a critical part of your Human Risk Management) is all about educating you and your staff on cybersecurity risks and best practices. The goal is to promote a culture of security awareness to reduce the risk of security breaches and protect your valuable assets. This is how it works:
- The Foundations plan includes training for up to 5 people. This covers staff but can extend to family etc. if you only have a couple of staff.
- Everyone starts off with an online Gap Analysis Questionnaire which will highlight their level of understanding or confusion in terms of the key aspects of information and cyber security.
- From there, every two to four weeks (you decide on the schedule) they’ll receive self-paced, online training tailored to their specific profile – with emphasis on those areas that need improvement.
- We monitor each person’s progress, both in terms of them actually undertaking the training and in the results they achieve, and will make that information available on a regular basis for you to review.
- There are 12 key topic areas covered in the program including internet and email usage, phishing, mobile device security, secure passwords, cloud security, and social media and social engineering.
- There are over 130 ‘bite-sized’ training modules that lead staff through stages from Beginner and Intermediate to Advanced.
- In addition to the training, we also coordinate regular email phishing campaigns to test staff awareness.
- We’ll formally review the training with you at the end of 12 months and, if required, it can be continued as a standalone program.
- Find out a lot more here.
Do I get any updates that happen during the term?
Yes. You’ll have access to any additional information and updates made to the Knowledge Base and will be able to take advantage of any changes we make to the Foundations Plan.
I'm not tech savvy. What happens if I can't follow the plan?
The self-assessment, our detailed report, the action plan designed for your specific business and the various training modules are, as much as possible, all written in a non-technical, plain English format so they’re easy to understand and simple to follow. However, if there’s anything that doesn’t make sense, you’ll be able to email our team so we can guide you through the process.
Got any other questions?
Get in touch if you’d like to know more about any aspect of the “Cyber Security Foundations” Plan.