Important changes to the Australian cyber security landscape in 2022

November 21, 2022

Companies need to consider their cyber security more than ever due to the increased threat of hacking and cybercrime.

This threat has been highlighted by cyber security experts for years, but it wasn’t until May 2022 that the Australian Federal Court made a decision to place the responsibility of cyber security defence on companies that operate in financial services. The court ruled that an Australian financial services company failed to meet its obligations by not mitigating its cyber security risks thoroughly.

This has set a precedent for all other financial services companies in Australia, as the burden is now on them to ensure their cyber security standards are up to scratch. Unfortunately, this is the result of growing threats of cyber attacks in recent years. Failing to protect against things like brute force hacking could lead to serious leaks of personal information as well as financial problems for companies and clients alike.

As a result of this ruling, the Australian Securities and Investment Commission (ASIC) outlined that all financial entities adhere to the latest guidance from the Australian Cyber Security Centre. One of the main tenets of their guidance is adopting the Essential Eight framework which provides a good foundation for cyber security and compliance.

What is the Essential Eight?

The Essential Eight is a type of cybersecurity framework established by the Australian Signals Directorate. It’s an iterative piece of guidance that’s changed considerably over the past 5 years, bringing in additional strategies and components to their guidelines. The eight strategies outlined in this framework include:

• Application control

• Patch applications

• Configure MS Office macros

• User application hardening

• Restricting administrative privileges

• Patch operating systems

• Multi-factor authentication

• Daily backups

These eight strategies fall into one of three distinct categories: preventing attacks, limiting attack impacts and data availability.

What is the Essential Eight maturity scale?

If you’re adopting the Essential Eight framework, you can monitor and assess compliance levels using the Essential Eight maturity scale. This breaks progress into one of three different levels, including:

• Level one: Partially aligned with the strategy goals

• Level two: Mostly aligned with the strategy goals

• Level three: Fully aligned with the strategy goals

The maturity scale is particularly useful because it can be tailored to address the unique risks found in specific organisations. This level of customisation makes the scale more useful when addressing compliance, as it ensures everyone involved knows the specific actions and steps necessary to progress through the levels.

At the moment, guidelines from the Australian Signals Directorate suggest that all businesses in Australia reach level three of the maturity scale to ensure their protection against cyber threats. With that said, the Essential Eight is seen as the minimum level of protection that a company should strive for. These strategies are ideally used alongside more advanced and tailored solutions for businesses to prevent cyber attacks.

Is the Essential Eight a legal obligation?

Due to the increased threat of cyber criminality and our growing reliance on the internet for business, the Australian Federal Government is going to mandate the Essential Eight framework for all non-corporate Commonwealth entities. Prior to these changes, it was only expected that the top four controls found in the first objective in the Essential Eight were followed by all organisations. Now, all eight strategies are to be adhered to.

Part of this new mandate will involve assessing companies to ensure they’re maintaining compliance. As a result of this, all organisations expected to comply with the Essential Eight will also receive an in-depth audit every five years to assess their security measures, starting in June 2022.

Other approaches to reducing the risk of cyber attacks

As mentioned above, the best way to protect your business is by going beyond the minimum level outlined in the Essential Eight. There are many different tools and strategies you can bring in to help with this, but enlisting the expertise of an Accounting Service provider like 360 Accounting Services is one of the most effective approaches. Bringing in the experts can help with a number of things, such as:

• Establishing systems to provide you with greater control over your cloud-based applications and websites.

• Providing guidance around compliance with regulatory requirements and best practices for your industry.

• Experience high-quality support, training and other resources for the organisation to help with cyber security and protection.

As the need for stronger cyber security strategies continues to grow, having the right expertise on your side is becoming more important. Whether you’re an accounting firm or another type of financial services provider, it’s vital that you have the right infrastructure and intelligence in place to protect your business - and your clients - from the threat of cyber attacks.

360 Accounting Services is proud to be Accounting Data Security Standard Certified and we have implemented Practice Protect for added security. To learn more about how 360 Accounting Services can help you protect your business from the threat of cyber attacks, get in touch with our team today at 1300 360 749

< Older Post Newer Post >

Share This Post

Simple Financial Habits for Business Owners

By 360Accounting Services • November 5, 2025

Simple Financial Habits for Business Owners Running a business comes with a myriad of responsibilities, and sometimes, financial management can feel overwhelming. However, by adopting a few simple financial habits, business owners can maintain better control over their finances, ensure long-term stability, and reduce stress. This blog post will outline some essential practices that can make a significant difference. 1. Separate Business and Personal Finances This is perhaps the most fundamental rule for any business owner. Commingling funds can lead to confusion, complicate tax filings, and make it difficult to accurately assess your business's financial health. ● Open Separate Accounts: Set up distinct bank accounts and credit cards for your business. ● Avoid Personal Expenses from Business Accounts: Even small, seemingly insignificant personal purchases from your business account can create headaches. ● Pay Yourself a Salary: Treat yourself as an employee of your business and pay yourself a regular salary. 2. Track All Income and Expenses Accurate record-keeping is crucial for understanding where your money comes from and where it goes. This information is vital for budgeting, forecasting, and tax preparation. ● Use Bookkeeping Software: Invest in reliable accounting software like MYOB, Xero, or QuickBooks. These tools automate many tasks and provide clear financial reports. ● Categorise Transactions: Consistently categorise your income and expenses. This helps you identify spending patterns and areas for improvement. ● Keep Receipts: Digitise or keep physical copies of all business-related receipts. This is essential for auditing and expense verification. 3. Regular Review of Financial Statements Don't just record transactions; understand what they mean. Regularly reviewing your financial statements will provide insights into your business's performance. ● Profit and Loss (P&L) Statement: Review your P&L monthly to see your revenues, costs, and profits. ● Balance Sheet: Check your balance sheet quarterly to understand your assets, liabilities, and equity. ● Cash Flow Statement: Analyse your cash flow regularly to ensure you have enough liquidity to meet your obligations. 4. Create and Stick to a Budget A budget is your financial roadmap. It helps you allocate resources effectively, prevent overspending, and work towards your financial goals. ● Develop a Realistic Budget: Base your budget on historical data and realistic projections. ● Monitor and Adjust: Regularly compare your actual spending to your budget and make adjustments as needed. ● Allocate Funds for Taxes: Set aside a portion of your income for taxes, as estimated taxes can be a significant surprise if not planned for. 5. Build an Emergency Fund Just like personal finances, businesses need an emergency fund to weather unexpected challenges, such as a sudden drop in sales, equipment breakdown, or economic downturns. ● Set a Target: Aim to have at least 3-6 months of operating expenses saved. ● Automate Savings: Set up automatic transfers from your operating account to your savings account. 6. Regularly Reconcile Bank Statements Bank reconciliation ensures that your internal records match your bank statements. This helps catch errors, detect fraud, and verify the accuracy of your books. ● Monthly Reconciliation: Reconcile your bank accounts and credit card statements every month. ● Investigate Discrepancies: Promptly investigate any differences between your records and the bank's records. 7. Seek Professional Advice While these habits provide a strong foundation, there will be times when you need expert guidance. ● Consult a Bookkeeper or Accountant: A professional bookkeeper or accountant can help set up your systems, ensure compliance, and provide strategic financial advice. ● Tax Planning: Work with a tax professional to optimise your tax strategy and ensure you're taking advantage of all eligible deductions. By consistently practicing these simple financial habits, business owners can gain a clearer picture of their financial health, make informed decisions, and pave the way for sustainable growth. Start implementing these habits today, and watch your business thrive. For more detailed guidance and personalised support, contact us at 360 Accounting Bookkeeping Services. We're here to help your business succeed. Contact Us: Phone: Parikshit Kikla (PK) Email: pkikla@360accountingservices.com.au Website: https://www.360accountingservices.com.au/