With several high-profile cyber-attacks in February 2019 alone, it appears more important than ever to review the current backup and disaster recovery strategies for your organisation.

To touch on a few examples, late 2018 when Melbourne’s Catholic Archdiocese was hit with a data attack that saw its computer systems paralysed for days. In another incident in February 2019, 15,000 patients data at Malvern hospital was held at ransom.

Car manufacturer, Toyota also experienced troubles when the company was attacked and left its employees unable to access emails for several days. On a federal level, there was an attempt to hack parliament’s computer network.

With three separate high-profile incidents, it comes as no surprise when you’re left asking, could my organisation be next?

Luckily, there are measures that can be taken to lower the chances of a cyberattack. Ensuring your organisation has data backup and disaster recovery is extremely important, along with exercising a level of precautions around staffing.

What is data backup and disaster recovery?

To backup data means to copy your important information over to a datacentre, where it is stored and can be accessed in the event any information or data is lost, stolen or hacked. It is recommended that important data and information should be regularly backed up. Such data could include anything from financial records, business plans, customer or patient records and personal information.

Disaster recovery is slightly different, described as a service offered that ensures all important information can be easily accessed in a situation where data may be compromised. This provides seamless continuity for organisations and a level of security to resume operations in an event of a cyberattack.

How to prevent being hacked?

The Office of the Australian Information Commission (OAIC) reported 262 data breaches alone from October to December 2018. More than 60% of the cases reported were malicious or criminal attacks and human error also made up approximately 30% of reporting.

Activities such as loss of a device, sharing wrong information and inappropriate IT resourcing are all mistakes that could result in a cyberattack. The healthcare industry experiences the biggest risk of being hacked or having its data compromised.

Due to the amount of sensitive patient data and records it keeps, it comes as no surprise this industry is always at risk. In the last 12 months of OAIC reporting, the healthcare industry has confirmed a total of 163 cases alone.

While ensuring your organisation has a sound data backup and disaster recovery plan in place is key and, it is also necessary to train staff to be aware. Training staff on maintaining good passwords, being aware of fraudulent emails and reporting suspicious online activity will help to prevent a cybersecurity attack.

Unaware staff who do not display a degree of caution can be detrimental to the security of your organisation.

Our top tips to prevent an attack:

  • Always keep records of data that may be attractive for cybercriminals and which information requires a higher level of security. Reviewing your organisation’s data risk on a regular basis is very important.
  • Use two-factor authentication and encourage all employees to do the same. This requires you to enter a password and then another code which is obtained from your smartphone.
  • Plan systematic audits for your company in order to keep your organisation clean from all types of viruses.
  • Train all staff to be aware of suspicious emails and online pop-ups. Be sure to review how your employees are using passwords and keep them safe from unauthorised personnel.
  • Ensure all important data and information is backed up to one or more local datacentre, so it can be easily accessed in the event of a disaster. Keeping data in the cloud that is managed by a secure provider will ensure you are able to access your data from anywhere, at any time. Having this flexibility and ease of access reduces your chances of becoming a target.