Just two weeks after the Optus security breach was announced, Telstra and NAB have also reported suffering data breaches where a cybercriminal gained access through a 3rd party and leaked the names and email addresses of over 30,000 current and former staff. It almost feels like there are cyber criminals hiding around every virtual corner and sadly, cyber-attacks are all too common.

With a cyber-attack being reported every 8 minutes in Australia, it’s important for businesses to understand that no protection is 100% fool proof. Protecting your business from the front-end by having a Cyber Security strategy in place is a great way to mitigate cyber risk but no matter how much time and money you spend, at the end of the day there is always a risk of a cyber crime affecting your business. So, it’s important to know what to do after a breach as well.

Optus has been facing a lot of criticism on its communication with customers from the public and the telecommunications giant has been accused of “not co-operating” with providing information to the Australian government. This hasn’t been great for Optus’s brand image. Since the breach, many customers may be thinking of switching their phone service to a competitor though is the solution to drop any company that has a data breach?

It’s common knowledge that negative press can have a significant impact on a company’s reputation – both internally with staff and externally to customers. As time goes on, and cybercrime continues to become more commonplace, organisations will continue to be judged not only by how they have protected sensitive information but more on how they respond to a cyber incident. How you respond to a breach can be the key to retaining a positive brand image and customers’ trust. Protecting your businesses brand image is just as important for small businesses as it is for large enterprises.

Say you are a small accounting firm with no more than 100 customers. A cybercriminal has gained access to your files and stolen all of your customers’ tax file numbers and financial details. Having to notify each customer of the breach and nullify the situation is no less confronting for a business owner if they have 100 customers or 10,000 customers. In fact, having the wrong response could be devastating to your business. Would you know what to do? How would you assure your customers that your business is still safe?

So what can you do?

The first step is to not panic. We all make poor decisions when we are stressed and it’s important to do what’s in the best interest of your business. So, be prepared for the worst and work with your managed services provider and managed security provider to develop a security incident response plan. This plan should include a detailed guide on what steps to take and how to communicate with all parties involved.

At ONGC, our Cyber Security Services provide guidance to you on building a strong response plan which includes the following steps:

Identify Incident & Stop it

Isolate the incident and prevent it from spreading.

Review the Incident

How did it happen? Assess the situation and determine what gaps need to be filled such as employee training or additional security measures.


Reduce the chances of it happening again by rolling out the required changes to your environment. In the event of a Notifiable Data Breach event, report the incident and notify the relevant parties.

In the case that you have to report a data breach to the Office of the Australian Information Commissioner (OAIC), it is important that you are able to demonstrate the steps you have been taking to safeguard your systems and data. Failure to be able to do this may lead to additional risk and further investigation and fines being applied.

Have You Got a Response Plan?

You can’t completely prevent an attack from happening, but you can control the way you handle it. Knowing how to respond to a cyber-attack is as equally important as mitigating the risk. It can be the key to preserving your business’ reputation and getting operations back to normal quickly. By showing you have your staff and customers’ interests at heart and that you are clearly managing your duty of care, you may retain trust and confidence in your business.

If you’re looking to improve your cyber security stance and establish a response plan, talk to us today.