skip to log on skip to main content
VoiceOver users please use the tab key when navigating expanded menus

Article | 4-minute read

Protecting your business against cybercrime

Business planning

Technology has transformed how people do business today. It helps us work faster and more collaboratively, and it helps us work from anywhere. Yet this transformation is not without risk. In fact, the risk of cyberattack is growing.

Unfortunately, as more businesses take their work and transactions online, cybercriminals get more sophisticated at what they do. Stories of phishing, social engineering, ransomware, malware and more are hitting the headlines with growing frequency and the attacks are proving costly. For example, business email compromise (BEC) scams alone cost Australians $79 million in the 12 months to July 2021.

Given that cybercrime is not going away, every business large and small should be prepared for an attack. Regardless of how secure your systems are, it’s a question of when, not if, you’ll be hit. And then, how quickly you can respond.

A simple, actionable way to boost your cybersecurity is to create a PACT to fight cybercrime. Here are some easy to remember steps to protect your business, people and information.

Pause before sharing information

Ask your employees to always think before sharing or accessing information, especially information that may be sensitive.

A key way to protect sensitive information is to use passwords. They help keep hackers out of your systems – but only if they are strong enough. Cybercriminals can easily crack passwords of seven or eight characters, even if they are a messy mix of numbers, upper and lower case letters, and special characters.

The Australian Cyber Security Centre now recommends you use passphrases instead. Passphrases are long, complex, unpredictable and unique strings of characters that are a lot harder to crack.


  • Replace short passwords with longer, complex passphrases
  • Use a different passphrase for every account
  • Use a password manager to help you remember and save your passphrases
  • Avoid using words or names in your passphrases that can be easily found on your social media or personal profiles (for example, pet names, middle names, street names, date of birth).

Activate two layers of security

Multi-factor authentication (MFA) is widely regarded as a must-have security measure, and for good reason – it makes it much harder for cybercriminals to hack their way into your systems. The additional layer of security takes the pressure off poor password management too.

With MFA in place, you can only gain access to devices or business systems with two or more proofs of identity. Typically, it uses a combination of something you know (like a PIN or secret question), something you have (like a card or token) and something you are (like a fingerprint).


  • Think about all the devices and applications you use in your business, and set aside the time to set up MFA
  • Check out the Australian Cyber Security Centre’s guidelines for setting up Two-Factor Authentication on common platforms like Microsoft, LinkedIn and Gmail – if the platforms you use aren’t on their list, a simple Google search should provide guidance around how to turn it on.

Call out suspicious messages

Human error is a key cause of cyberattack, so it pays to educate your staff. For example, an employee might click on a phishing link, download malicious software, share customer information with an unauthorised caller, or use a weak password for entry into your business applications.

Cybercriminals prey on human vulnerabilities like these. That’s why it’s so important to keep your employees in the loop about all of your security strategies, policies and processes.


  • Encourage staff to detect and report malicious emails, suspicious phone calls or anomalous activity on your network
  • Provide time and support for staff to set up MFA, passphrases and other security measures.

Turn on automatic software updates

Security breaches almost always occur on out-of-date devices and software. If you don’t run the latest versions of operating systems, software and applications, you could expose yourself to more risk.

Automatically updating your operating systems and software to the latest versions – which come with better security – will help protect your business from malware and ransomware.

And don’t forget to back up! With ransomware and malware attacks on the rise, it’s more important than ever to also regularly and automatically back up your data.


  • At a minimum, turn on automatic updates for all software from operating systems to antivirus software
  • Keep an eye out for when older devices and software reach end of support – at this point, the manufacturer or developer no longer supports updates, and your exposure to threats increases significantly
  • Choose physical and digital backup systems that work for you
  • Physically remove your storage device after each backup to protect it against cyberattack, and store it somewhere safe.

Stay on top of the latest updates

When it comes to cybersecurity, you can’t afford to sit still. As well as tackling the tips above, you should also consider completing the Australian Cyber Security Centre’s Cyber Security Assessment Tool – which will give you actionable recommendations to improve your security posture.

In the meantime, rest easier knowing that ANZ is here to help you reduce the risk of threats:

For more practical tools, content and articles that can help you move your business forward, one step at a time, visit the ANZ Business Hub.

Related articles

How to build a financially resilient business

4-minute read

The term “resilience” is everywhere right now. But before you dismiss it as just another COVID-19-related buzzword (hello “pivot”!), the financial resilience of a business has long been a key indicator of potential success. Which makes it something every business owner should be striving for, in good times and the more challenging ones.

Keep reading


Developing a risk assessment, management plan for your business 

3-minute read

It is important to consider all possible risks and scenarios that may exist both within your business and your external operating environment.

Keep reading



Get in touch

Request a call back

Have us call you back to discuss your business needs

Leave your details


Talk to someone local

Chat with one of our local business bankers

Find your local business banker


This information seeks to raise awareness and provides general information only. It may be necessary or appropriate to ensure that measures are taken in addition to, or in substitution for, the measures presented having regard to your particular personal or business circumstances.

Any advice does not take into account your personal needs, financial circumstances or objectives and you should consider whether it is appropriate for you.

ANZ recommends you read the applicable Terms and Conditions and the ANZ Financial Services Guide (PDF 179kB) before acquiring the product.

This page contains only general information which is subject to change and is not a substitute for commercial judgement or professional advice. This information does not take into account your personal and financial needs, particular objectives and/or circumstances, and you should seek appropriate independent advice (which may include property, legal, financial, taxation and accounting advice) before making any decisions, investing, or acting on it.

Tools, templates, checklists, and calculators (“ANZ Tools”) linked or referred to on this page, are only some of many ways to analyse a business or industry, or to assist your planning and business decision making. You should seek the assistance of your accountant, business or other advisor when either planning for or analysing your business.

To the extent permitted by law, all members of the ANZ group of companies, their employees, officers and contractors (“ANZ“), offer no warranty and disclaim liability or responsibility to any person for any actions, claims, costs, demands, liability, or direct or indirect losses or damage that may result from using or relying on the information set out in the pages or the ANZ Tools, and / or any act, omission or error, by any person in relation to them.  To the extent permitted by law, ANZ makes no warranty and has no liability in respect of your use and reliance. ANZ Tools are also subject in many cases to further specific cautionary wording and disclaimers which you should read.

ANZ tools, templates and checklists are only some of many ways to analyse a business or industry to assist your planning and business decision making. You should seek the assistance of your business advisor or accountant when either planning for or analysing your business' performance. To the extent permitted by law, ANZ makes no warranty and has no liability, in respect of your use of and reliance on these tools.