cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Australian Cyber Security Centre releases Small Business Cloud Security Guides

As 2022 comes to a close, cyber security is on everyone’s lips following a series of high-profile hacks of major businesses and institutions. But smaller businesses are just as vulnerable to such attacks — in many ways, even more so.

user iconReporter
Mon, 19 Dec 2022
Australian Cyber Security Centre releases Small Business Cloud Security Guides
expand image

Thankfully, the Australian Cyber Security Centre has released a series of eight cloud security guides aimed at small businesses.

Cyber security incidents can affect any business, at any time,” the ACSC said in a statement. “With the average cyber security incident costing over $39,000 for small businesses, organisations cannot afford to overlook investing in their cyber security.”

“Investing in preventative measures is usually less expensive than responding to an incident, so it will help minimise the costs for impacted organisations.”


The guides, as well as an introduction and a guide on how best to use the guides can be found here.

The ACSC pointed out that on top of threats to an organisation from losing access to vital infrastructure or losing control of important data, there’s a regulatory risk to not attending to security. The ACSC cites a case study of an Australian Financial Services licensee that was found to be in breach of its licensee obligations. In a Federal Court case, the licensee was found to have engaged in “inadequate risk management practices”, which in turn, led to a series of cyber attacks over a six-year period.

The Court ordered the company to improve its cyber security practices (including such simple directives as to keep their anti-virus software up to date), and to pay $750,000 towards the costs incurred by the Australian Securities and Investments Commission.

“Managing cyber risks cannot be an afterthought or an optional extra. It is increasingly being recognised as an essential responsibility of all organisations,” the ACSC said.

The guides cover the following:

  • Implementing multi-factor authentication.
  • Restricting admin privileges.
  • The importance of regular backups.
  • Keeping operating systems patched and up to date.
  • Keeping applications properly patched.
  • The correct configuration of macro settings.
  • Application control and why it matters.
  • Application hardening and how it can stop threats from malicious websites and advertisements.

The guides focus on walkthroughs using Microsoft 365, but still offer vital advice no matter what applications or services a business might be using.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.