Practical tips for protecting information and systems


Cyber incidents are increasing in frequency across all sectors including charities and not-for-profits. As a result, the Australian Signals Directorate’s Australian Cyber Security Centre is encouraging charities and not-for-profit organisations to protect their information and systems. The steps that these organisations can take are the same steps that all types of organisations can take – that is, they are not limited to charities and not-for-profits. The Cyber Security Centre recommends organisations:

  • Turn on multi-factor authentication where possible.
  • Check automatic updates are on and install updates as soon as possible.
  • Back up important files and device configurations often, and test backups on a regular basis.
  • Use a reputable password manager to create strong, unique passwords or passphrases for all accounts.
  • Provide cyber security training, particularly on how to recognise scams and phishing attempts.
  • Use access controls and review them often so staff can only access what they require for their duties.
  • Use only reputable and secure cloud services and managed service providers.
  • Test cyber security detection, incident response, business continuity and disaster recovery plans often.
  • Review the cyber security posture of remote workers and connections.
  • Report a cybercrime, incident or vulnerability.
  • Join ASD’s Cyber Security Partnership Program as a business or network partner.

Cyber incidents cost organisations a lot, not just in money but also in time and reputation, and in addition it can jeopardise the health and wellbeing of those whose personal information is accessed as part of an incident. This causes unnecessary harm to individuals and communities. 

Organisations should also be ready for a cyber incident including by ensuring that they have a current data breach plan, which covers off matters from reporting incidents to communication plans for stakeholders and managing business as usual. Boards should ensure the risk of a cyber incident is one their organisation is ready to detect and respond to, and recover from.

Griffin Legal regularly assist organisations with their cyber governance and risk management.  Please consider saving the mobile numbers of the Griffin Legal personnel you routinely work with in the event you need to contact us should a cyber incident occur within your organisation.

As always, we are here and ready to assist in responding to your queries and to assist you.

Parental Leave for Casual Employees

For casual employees the unpredictability of their employment can be a major source of stress as often casual employees miss out on many of the entitlements that full-time and part-time employees enjoy. For many, this concern is further exacerbated when they learn that they are about to become a parent. It should therefore be of …
Read more

Purchasing an Off-the-Plan Property

The interest in “off-the-plan” properties is ever increasing and is becoming more popular for buyers. An off-the-plan purchase is one where the Buyer enters into a contract to purchase a property that has not yet been constructed. Due to the prolonged settlement period for an off-the-plan purchase it is imperative for buyers and sellers to …
Read more