Research in Australia and overseas suggests that most cyber breaches can either be prevented or the impact of any attack can be significantly limited by a range of low cost and easy to implement measures. These include the following:

  • Username and password standards should be sophisticated.
  • Administrative and privileged access should be controlled.
  • Undesirable applications should removed.
  • Automated patching tools and processes should be used.
  • Data should be backed up regularly.
  • Access to mobile devices should require authentication and data should be encrypted.
  • Anti virus software and filters should be used.

Research released by the Australian Defence Signals Directorate (DSD) indicates that at least 85% of the cyber intrusions that the DSD has responded to would have been mitigated had organisations implemented the above strategies.