top of page
  • Writer's pictureCrisis Shield

Essential Eight: How Cyber Safe Are Your Business Partners?

You would need to be living under a rock to not be aware of the increase in cyber threats and attacks. Hardly a day goes by that we don’t see a major corporation fall victim to a cyber incident (and that’s the ones we know about!)

Some recent statistics to show just how serious things are:

= More than 4,000 data breaches occurred in 2022

= Australia may see its first $1 billion data privacy fine this year

= Cyber attacks are expected to double in Australia within five years

While there is a lot of valuable information and businesses available to assist in strengthening your posture, most forget to mention that 98% of organisations worldwide have at least one third-party vendor that has been breached in the last two years. That’s someone from outside your organisation who has access to your system in some capacity – from your payroll, production line monitoring, HR system to carpark swipe cards, the list is endless.

In our pursuit of automating everything possible (and for good reasons) we have also increased our exposure to weaknesses in our third-party providers' cyber protection. When your system is compromised by a third-party provider you still must manage the outfall.

Today many corporations are mandating evidence that all providers have a sound cyber security protection. The Australian Cyber Security Centre (ACSC) has prepared a baseline benchmark of cyber security to adopt when engaging with other businesses called the Essential Eight maturity model.

By adopting this baseline level, it provides a degree of comfort to potential clients that they are working with a cyber-mature company.

Whilst this is no guarantee that your provider won’t fall victim to a cyber incident, it does provide a good level of assurance that sound measures (as recommended by the ACSC) are in place.

Here at Crisis Shield we are in the final stages of reaching Essential Eight, level 2 compliance with assistance from KMTech.

It hasn’t been without some work and cost, but the upside for us and our clients is the comfort that we have a good cyber security posture.

If you would like to know more on how to manage a cyber incident, don't hesitate to contact us on


bottom of page