All topics

Cyber Information security Technology and Data

Your Financial Data Is at Risk: 4 Steps to Protect It Now!

Your Financial Data Is at Risk: 4 Steps to Protect It Now!
Person typing on a laptop with a cybersecurity shield on the screen

As technology and globalisation continue to evolve, the importance of protecting information assets and confidential data has never been greater. Every October, Cybersecurity Awareness Month is observed globally, providing individuals and organisations with the opportunity to reflect on the critical need for cybersecurity.  

This year’s theme, “Secure Our World”, highlights the significance of taking daily steps to reduce online risks and safeguard digital environments. 

On 24th September 2024, the Office of the Australian Information Commissioner (OAIC) released the Notifiable Data Breaches Report for the first half of 2024. The report showed a 9% increase in data breaches compared to the last six months of 2023, marking the highest number since the July-December 2020 period. 

The financial industry ranked as the third highest contributor, with 58 breach notifications submitted to the OAIC, with the Australian government being the second most affected sector in the first half of 2024. 

4 Essential Steps to Protect Your Data

Now that we know that the financial industry is one of most vulnerable sectors in terms of cyberattacks, it is crucial that we equip ourselves and organisations with the proper knowledge to ensure our information assets remain secure. Here are four vital steps to information safety: 

1) Use Strong and Unique Passwords 

Basic passwords like “12345” or easily identifiable information such as birthdays and pet names are not reliable for safeguarding important accounts that contain personal information. Using a simple password is akin to locking the door while leaving the key in the lock. Weak passwords can be easily cracked by hackers. However, it can be challenging to remember a unique, strong password for every account.  

Using a password manager to create and store strong passwords is one of the simplest ways to protect ourselves from unauthorised access to our accounts and the theft of sensitive information, data, money, or even our identities.  

2) Implement Multifactor Authentication (MFA)  

MFA adds an extra layer of security beyond just a password. Even if a password is compromised, a second factor (such as a code sent to your phone) is required to access the account. With the prevalence of data breaches leading to stolen credentials, MFA provides an additional safeguard against the misuse of compromised login information. 

If MFA is not available, consider using a passphrase—a longer, more complex series of words that’s both easy to remember and difficult to crack.  

For example: “PurpleElephantSlidingOverClouds!” or “RedHouseSkyTrain!”. 

Just like the protection for strong and unique passwords, long and unique passphrases makes it harder for humans to remember and machines to crack. 

3) Always Think Before You Click 

Since 30% of the data breaches were due to human factors, OAIC urges organisations to implement technical measures to reduce errors and emphasise that educating team members in identifying phishing attacks can help early protection in the organisation.  

Phishing is a type of cyberattack that uses fraudulent emails, text messages, phone calls or websites to trick people into sharing sensitive data, downloading malware or otherwise exposing themselves to cybercrime. 

Some of the common phishing tactics usually use generic greetings such as “Hello Ma’am” or “Dear Customer”, creating a sense of urgency or panic prompting users to act hastily without thinking. 

To avoid this type of scam or cyberattack, you have to: recognise the initial signs of phishing, ignore suspicious emails and report it to your email provider, and avoid sharing personal information.   

4) Keep Software Updated 

Cyber attackers are constantly evolving, but so are software developers. Regular software updates often include security patches that fix vulnerabilities. These updates help protect against cyber threats and ensure systems run smoothly. For businesses, keeping software up to date can also help meet regulatory and industry standards for data security.

Cybersecurity at VBP

At VBP, we take cybersecurity seriously and continuously work to strengthen our security measures to protect the data of our team members and clients. Our organisation implements several key strategies to ensure a secure digital environment including: 

  1. Strengthening web and email security
  2. Utilising a Password Manager 
  3. Enforcing Policies for Multi-Factor Authentication (MFA) 
  4. Regularly reviewing installed VBP application vulnerabilities 

How does VBP comply with the recommendations from the OAIC?

First, we implement the use of a password manager across the organisation. Following the National Institute of Standards and Technology (NIST) guidelines, we enforce a minimum of 12 characters per password for enhanced security. 

With our recent migration to the Microsoft environment, we’ve also leveraged Microsoft Intune, ensuring all user accounts are MFA-enabled and further upholding our security posture. 

One of our top priorities this year is strengthening our infrastructure by partnering with CrowdStrike and Cloudflare to enhance security across our systems. These partnerships enable early detection of potential malware intrusions, phishing campaigns, and provide daily insights into new vulnerabilities in installed software. 

As we continue to embrace digitalisation, we understand the vital role cybersecurity plays in protecting shared information assets. By implementing best practices and staying informed, we can significantly reduce risks and create a more secure environment for everyone. 

If you have any questions or would like more information about how VBP safeguards data, reach out to our Information Management and Security (IMG) team at vbpsecops@vbp.au. We’re here to support you in navigating the complexities of cybersecurity. 

About the Author
Neriza Dalanon
Deputy Manager
VBP

Subscribe to the VBP newsletter

Stay tuned to our latest stories through your email.

A Platform for adviser firms to scale and leverage

Improve back-office operation, reduce cost and improve task turnaround time.

Most read articles

Related topics

More related articles

Subscribe to
the VBP newsletter

Stay tuned to our latest stories through your email.