October is Cyber Security Awareness Month, and HVIA is sharing the latest intelligence from the Australian Government’s Australian Cyber Security Centre (ACSC) because protecting your business means protecting our whole industry.
Cyber incidents are hitting Australian businesses harder than ever. The ACSC’s 2024-25 Annual Cyber Threat Report shows a 16 per cent increase in cybercrime reports, with businesses now losing an average of over $80,000 per incident. For many in our industry, that’s a devastating hit to both finances and reputation.
Just this week, a Qantas data breach revealed how even global brands can be compromised through their supply chains. Attackers posed as IT staff and accessed systems through a third-party platform. It’s a sharp reminder that cyber security isn’t only about software – it’s about people, processes and partnerships.
HVIA want to help you stay ahead of these risks. The ACSC’s guidance this month highlights four priorities every Australian business should focus on:
1. Event logging
You can’t defend what you can’t see. Event logging provides visibility into your systems – helping you detect unusual activity and stop small issues before they escalate.
Effective logging also ensures you have evidence if an incident occurs, making recovery faster and compliance simpler.
2. Legacy technology
Outdated hardware and software create open doors for attackers. While upgrading systems can seem costly, the price of an attack is far higher. Modern technology benefits from regular security updates and vendor support.
Where replacement takes time, temporary measures like network segmentation and enhanced monitoring can help reduce exposure.
3. Supply chain and third-party risk
Cyber supply-chain security should be treated as seriously as your own. Every supplier, manufacturer, distributor and retailer linked to your systems represents potential exposure.
An effective management strategy includes identifying your supply chain, understanding where cyber risk lies, setting clear expectations with partners, auditing compliance and continuously monitoring and improving security practices.
A single weak link can open the backdoor to your entire operation – so make sure your partners’ protections are as strong as your own.
4. Quantum readiness
The next wave of computing technology will render many current encryption methods obsolete. Preparing now – by identifying where traditional cryptography is used and planning a transition to quantum-resistant algorithms – will safeguard your data well into the future.
At a personal level, the Australian Government is encouraging all Australians to take three simple steps:
> Install software updates to keep your devices secure.
> Use a unique, strong passphrase on every account.
> Always set up multi-factor authentication.
These small habits, when adopted across workplaces, help build a truly cyber-safe culture.
HVIA encourages every member to take a few minutes this month to review systems, update passwords and talk with your teams about keeping both your people and your business safe.
If you ever suspect a breach or need urgent advice, the Australian Cyber Security Hotline (1300 CYBER1) operates 24/7.
Strengthening cyber resilience isn’t just good IT practice – it’s good business. Every member who takes action helps make our whole industry more secure.
Learn more at cyber.gov.au/CAM2025 and actnowstaysecure.gov.au/cybermonth2025.