HSA July 2023
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
M E M B E R A D V I C E<br />
The Security Audit<br />
No Pub Should Ignore<br />
The “Essential Eight” cyber<br />
security audit is a benchmark<br />
that every hotel should test<br />
themselves against.<br />
It will quickly tell you where your<br />
business has digital weak points<br />
that could be hacked.<br />
There are many cyber security<br />
testing tools online - but the<br />
Essential Eight Cybersecurity<br />
Framework is the “gold standard”<br />
for Australian businesses.<br />
Key reasons:<br />
1. It’s independent and it’s free. It<br />
was developed by the Australian<br />
Signals Directorate (ASD), which<br />
is the government’s top agency<br />
to defend against cyber attacks.<br />
2. It is designed for business.<br />
3. It gives you a numerical rating<br />
across eight areas.<br />
4. The results provide you with<br />
a clear pathway to improve.<br />
At Boylen, we tried a range of online<br />
tests for Essential Eight and chose<br />
a self-audit on the First Focus<br />
website. We used it to rate our<br />
security but we used our existing IT<br />
supplier to toughen our defences.<br />
How to Save Money on the Audit<br />
The average business owner<br />
or manager can’t complete the<br />
Essential Eight on their own.<br />
It’s too technical.<br />
We have IT specialists on our<br />
full-time staff, so we were able to<br />
answer questions quickly. If you<br />
don’t have IT staff, you will need to<br />
meet your provider and ask them<br />
these technical questions.<br />
But you should sit in on the process<br />
so you understand what’s going on<br />
with your security at a high level.<br />
Some businesses offer high-priced,<br />
all-in-one solutions. They’ll spend<br />
several days in your business,<br />
test a variety of computers on<br />
your premises and so on.<br />
But we believe that your IT supplier<br />
should be able to verbally give you<br />
yes or no answers in a meeting,<br />
which will enable you can complete<br />
the Essential Eight assessment<br />
in an hour or two. Where your IT<br />
advisor will make their money is in<br />
providing solutions -because you<br />
are guaranteed to find flaws that<br />
need attention.<br />
Other Audits<br />
The problem with some of the<br />
testing tools online is that they<br />
set the bar too low.<br />
For example, Boylen completed<br />
the government’s Cyber Security<br />
Assessment Tool and we rated<br />
at the top level – “Champion”.<br />
But we knew we weren’t! This<br />
was confirmed when we<br />
completed the Essential Eight.<br />
THE “EIGHT” EXPLAINED<br />
The Essential Eight covers<br />
eight fundamental areas of<br />
cybersecurity that every<br />
business should focus on.<br />
These strategies are designed<br />
to mitigate a range of common<br />
cyber risks and are based on<br />
extensive research and analysis<br />
of real-world cyber attacks.<br />
28 | Hotel SA | www.ahasa.asn.au Back to Contents