Cyber security

AustCyber CEO Michelle Price on how to protect your startup against cyber threats

- October 22, 2021 4 MIN READ
Michelle Price
AustCyber CEO Michelle Price
AustCyber’s annual Australian Cyber Week, kicks off on Monday running October 25-29.

The event offers a mix of virtual and in-person sessions focused on the Australian cyber security industry and local innovation.

The full event schedule is  here.

Ahead of Australian Cyber Week, we spoke to AustCyber CEO Michelle Price about how everyone needs to think about cyber security and prioritise it and what startups need to do to protect themselves from cyber attack and hackers, as well as what to keep an eye out for next week. 

Here’s what she said.

What is the current state of cyber security in Australia and how has it evolved over the last 12 months? 

The nation’s critical infrastructure is at risk. Lack of awareness around cybersecurity is as big of an issue as cyber attacks.

An Australian Strategic Policy Institute report back in July warned that Australian organisations were ‘soft targets’ for ransomware attackers and it’s true. We need to improve our cyber security as a nation to help Australians and their businesses, as ransomware attacks have increased 60% over the past 12 months.

The attacks have evolved over the years, but improving awareness and prevention hasn’t, making increased education about cyber security best practices an essential tool for any startup. 


Why is it so important that startups protect themselves against security threats from the start of their business journey?

Startups can often be easier targets for hackers as they have fewer resources, are more often than not using cloud software that can be vulnerable to cyber attacks, and may host both internal and user data.

Startups in Australia are in a unique position in particular as Australia is a regular target for hackers due to the country’s wealth and isolation from the rest of the world. With this in mind, increased cybersecurity education and the implementation of tactics and preventative measures are crucial for startups in Australia.

What are some things startups can do to safeguard themselves against cyber attacks? 

There needs to be more focus on the basics, understanding what ransomware is, what it does and how to protect your organisation – so arming themselves with information would be the best first step. A lot of attacks would be avoidable if effective organisational cybersecurity controls were in place, proper cyber hygiene was being practiced and security features were up to date.

However, cybersecurity should be a focus for startups. Startups need to ensure that their business is protected overall to complete day to day activity – from the devices and software used by the team to work to ensuring payroll and employee data are secure.

Finding a cyber security advisor specialised in startups or small businesses can help protect day to day activity and employees.

They are hard to find, but they do exist and their counsel will be invaluable. A good place to start is at Auscyberscape, a platform that connects companies with cyber security providers. 

The other aspect startups should consider is embedding world-class cyber security measures into their product from inception to make them secure by design. User data, along with gaining or maintaining trust from users, is at risk without having proper protection. This is a critical aspect for achieving success as user data is highly sought after by cyber attackers.

There are some other easy initial steps startups can take to protect their work and their team against cyber threats and attacks:

  1. Secure your wifi network with a firewall
  2. Install the latest security software and programs on all computers
  3. Create unique strong passwords and change them regularly
  4. Implement two (or multi) factor authentication for accounts
  5. Provide regular updates and training to your team on best cybersecurity practices
  6. Protect your data with encrypted backups
  7. Put a plan in place in case a cyber security or data breach takes place
  8. Implement patch management regularly to keep your security hygiene up to date
  9. Visit www.AUCyberscape.com.au to find a cyber security solution for your organisation. 

How are current and emerging cyber threats being addressed to support businesses, including startups, and strengthen the country’s cyber security in the face of attacks?

In October, a major change was announced to Australia’s cyber security regime: businesses who have a turnover of more than $10 million will be forced to inform the federal government when they have been hit by a ransomware attack.

This plan aims to enhance the understanding of the threats and better support victims – specifically designed to support small and medium businesses, like startups. It’s a positive step forward. 


Why is this year’s Cyber Week so significant? What will the sessions feature? 

Each day, Australian Cyber Week has a feature event to demonstrate Australia’s globally competitive cyber security ecosystem and will touch on prominent themes the sector is currently focusing on:

  1. On 25 October guest speakers will walk through a significant cyber-attack on Australia through a hypothetical situation to underline the importance of digital trust in keeping our digital activity secure and resilient
  2. On 26 October experts will discuss career pathways, upskilling and micro-credentialing for a remote workforce to prepare for the rapid growth over the next three years
  3. On 27 October 10 of Australia’s most innovative companies will present pitches to the audience to vote for their favourite product or solution
  4. On 28 October the key event will be a debate on the current state of procurement and policy as it relates to the emerging technology sectors within Australia
  5. On 29 October Australian company OSINT Combine will facilitate an instructor-led full day of open source intelligence (OSINT) training for participants to learn open source fundamentals, searching essentials and cross platform social media network analysis

This year’s new addition is the online cyber escape room sessions will allow participants to immerse themselves in an Australian cyber-attack scenario