The Australian Signals Directorate's Australian Cyber Security Centre (ACSC) provides advice for responding to cyber threats and scams, and to protect your business from further harm.

The ACSC has published a range of tailored resources to help small businesses protect themselves against common cyber threats. 

The Cyber Wardens program educates small business about cyber threats. Cyber Wardens is designed to simplify cybersecurity by teaching Australian small businesses quick and practical cyber skills. 

Learn how to protect yourself against the latest scams at Scamwatch.

An Australian Government-funded service that provides free, tailored, person-to-person support for small businesses to improve their cybersecurity and recover from a cyber incident. The service is delivered by IDCARE, Australia and New Zealand’s national identity and cyber support service.

Learn about ATO impersonation scams, cyber safety and how to protect your business information.

Find out about legislation that covers the personal information your business collects from your customers and how you store it.

Create or update your cybersecurity policy to protect your business from cyber attacks and respond to any incidents. 

Prepare a cybersecurity incident response plan to help minimise the impact of a cybersecurity incident and get back to business as soon as possible.

Find out how eInvoicing can help your business cybersecurity. eInvoicing is the digital exchange of standardised invoice information between suppliers' and buyers' software through the secure Peppol network.

eInvoicing is a more efficient, accurate and secure way to send and receive invoice than using PDFs and emails.

Find out how to protect your personal information and report harmful content on common social media, games, apps and sites. 

See the latest cybersecurity reports and statistics including the annual cyber threat report that help your business stay informed of the current cyber threats in the Australian business environment. 

If you suspect the security of your myID has been compromised – for example, that someone has inappropriately accessed your personal information – report it immediately.

Know your obligations for protecting data. Under the Privacy Act 1988, some small businesses may have legal obligations for handling personal information they collect. The Office of the Australian Information Commissioner’s guide for small businesses helps you understand what your obligations are and how to meet them. 

If your business is covered by the Privacy Act 1988, you will need to comply with the Notifiable Data Breaches (NDB) scheme. 

In Australia, the NDB scheme means many organisations must notify you if your personal data has been involved in a data breach and this has put you at risk of serious harm. This could include serious physical, psychological, emotional, financial or reputational harm.