Methodical & planned vs Reactive & ill-equipped

Keeping your business information secure isn’t just critical to your operations, it’s an essential part of your success. But the threat of a cyber-attack is growing by the day.

Nearly 1 million new malware threats released every day.i

90% of cyber-attacks use information stolen from employees who unwittingly give it away.ii

Australia is the 4th most targeted country for spear-phishing attacks.iii





Mobile workers connecting to unsecure networks, being infected and bringing malware back to the office network.

Employees clicking on suspect emails and inadvertently handing over secure data.

Unauthorised users gaining access to and stealing sensitive information.


The cost of global cybercrime: $500m in 2015. $2.1 trillion by 2019. iv

556% increase in security breaches last year.v

400% increase in spam, almost 40% of which was ransomware.

26% – That’s the likelihood of a breach happening over 24




Organisations are protecting their critical information from a breach by implementing the right strategies, platforms and tools to keep them ahead of attackers. But not everyone is as prepared as they should be.

Business is generally acting in one of two ways:

The Bear Grylls Approach

By drawing on vast experience, they equip themselves with the best IT security tools, are prepared for any data-loss scenario and know the exact steps to take should disaster strike.

The She’ll Be Right Approach

Act as if they are immune from attacks and often unwittingly implement minimal or no policies, then believe everything will be fine. Only react when they absolutely need to.


Software and definitions
auto updated

Robust password policies
& two-factor authentication

Users educated on security

Users blocked
from installing software

Content and URL

Backups and restores
- tested regularly

Unused options

Traffic and users

Layers of security


Passwords are set, forget
and shared

Software and definitions
loaded at install and left

New users coached on security
then left alone

Open slather on users installing
software and add-ons

Outdated models
of filtering

Backups run but not tested
for integrity

Restore tests
not run

Unused options left
'on the vine'

Unregulated traffic
and users


How they respond to security issues


The Bear Grylls Approach

  • Identifies application safety and uses Mobile Device Management (MDM) software to ensure only authorised apps can execute on mobile devices.
  • Defined company security policies for using mobile devices ‘on the road’.
  • Uses MDM or Patch Management to ensure mobile devices are regularly updated and kept that way.
  • Uses endpoint security software to protect mobile devices.


  • Prevents malware and data breaches by avoiding the use of untrusted & vulnerable applications.
  • Keeps staff across the latest threats/risks and how to respond to them.
  • Increases competitive advantage through the use of mobile apps.

The She’ll Be Right Approach

  • Open slather for staff to install any apps they want, from anywhere.
  • Auto updates to apps left to user discretion to implement.
  • Open access to all apps and websites.


  • Unauthorised apps may harm the network or compromise data when device connects to company network.

The Bear Grylls Approach

  • Password rules (which may be automatically enforced).
  • How to spot suspicious emails or websites.
  • Restrictions on accessing or sharing sensitive data.
  • Controls on using mobile storage devices (like USB sticks).


  • Able to keep staff across the latest threats/risks and how to respond to them. Business-critical data remains secure and employee negligence is cut down significantly.

The She’ll Be Right Approach

  • No documented policies, so best practice is diluted to ‘word of mouth’ type education and handovers between staff. General decline in security practice, until an event occurs.
  • Sticky notes used extensively to share passwords.
  • Commonly known and used passwords within the business.


  • A cybercriminal or attacker gets into the network and steals or compromises data, or otherwise harms the operation of the business.

The Bear Grylls Approach

  • User profiles robustly managed to ensure access is correctly granted to those who need it.
  • Administration passwords are tightly held and managed.
  • Defined process to deactivate (in a timely manner) user accounts of employees who leave the organisation.


  • Has complete visibility over who is accessing important data and what they are doing and has peace of mind that only authorised staff are able to access this data.

The She’ll Be Right Approach

  • Default IT access setting for new staff is ‘access all areas’.
  • Same default password issued to all new staff with no forced change.


  • An employee does not realise they are moving or overwriting sensitive data. This puts the company into a breach position with regard to legal obligations and may trigger compliance issues.

How prepared are you for a cyber-attack?
Get your Sundata Security Score.


Question 1/9

How much importance do you place on constantly patching and updating your software and operating systems?

Question 2/9

What level of control do you have over the use of non-authorised applications?

Question 3/9

What level of priority have you placed on carrying out a full IT security review on your business in the past 6 months?

Question 4/9

What level of control do you have over staff access to important data?

Question 5/9

How would you rate the stringency of your rules and policies for the use of the Internet and IT?

Question 6/9

How would you rate your staff’s knowledge of cyber threats, including how to spot malicious emails or websites?

Question 7/9

If you experienced a cyber-attack, how confident are you that you or other staff members would know what to do?

Question 8/9

How much of a priority is regularly backing up your business data and testing the recovery of backups?

Question 9/9

To what level can your staff confidently and safely use mobile devices outside of work without risking security breaches? How do you know they are doing this.

Your results have been calculated!



Business protection starts here

Sundata has partnered with Cisco to deliver Cisco Umbrella - a cost effective cloud security platform that provides the first line of defence against threats on the Internet wherever users go.
Cisco Umbrella uses DNS to stop threats over all ports and protocols - even direct-to-IP connections. Stop malware before it reaches your endpoints or network.

Cisco Umbrella gives you:

Threat protection that blocks malware, C2 callbacks, and phishing

Predictive Intelligence that automates threat protection, to detect attacks before they are launched

Worldwide coverage, fast — no hardware to install or software to maintain, all for a low monthly fee.

Weekly security report, delivering a personalised summary of malware requests and more, directly to your inbox

With Sundata and Cisco Umbrella:

Security teams will have fewer malware infections to remediate, and threats will be stopped before they cause damage:

Increase visibility into internet activity across all locations and users, enabling safe mobile workers and improving productivity.

See which sanctioned and unsanctioned cloud services are in use across the enterprise and identify potential risk.


Fill in the form to register your interest in a free 14 day trial.