Trish
Hello listeners, it’s Trish Hammond here from the Transforming Bodies podcast, and welcome back to our next season. So, today, we’re like, we’re gonna start with something different this year, or this season. So, I actually hooked up with an organisation called well, doing cyber war and information with regards to, like, just basically keeping your business safe. So today, I’m gonna be speaking with Kimberley Roberts-Salee.
Now, Kimberly, she’s a senior marketing communication and stakeholder engagement professional, and she’s got 15 years of small business experience across a bunch of different industries like tourism, business events, government, and professional services, and she’s really passionate, you know, she’s the head of communications and marketing there for cyber war, so she’s really passionate about raising awareness around how important it is for small businesses to be aware of cyber security and also how to empower them and their owners and employees to increase their cyber resilience and learn how to stay safe online. And of course we’re gonna be guiding this towards the medical aesthetics industry, so welcome Kimberly.
Kimberley
Thanks so much Trish, it’s a pleasure to be joining you today.
Trish
Oh, it’s so nice, and for me it’s lovely because it’s something different to talk about as well, but it’s so important for aesthetic businesses and pretty much everyone as well, so it’s a great little intro for people as well.
Kimberley
It is indeed and it’s especially prevalent. Small businesses are one of the biggest targets of cybercrime, but especially healthcare practices, and when we say healthcare, it’s basically kind of everything from GP practices to of course cosmetology practices, and allied health as well.
So it’s really important to be talking to your audience about this and to be giving them the tools to to protect themselves and to make sure that they don’t, they don’t fall prey to cybercrime.
Trish
100%, 100%. So tell me, cause this is, you know, like a government initiative as well, am I right? Like, how did it kind of start? Like, why did they even think, I mean, obviously, it should have happened years ago, but, like, what was the catalyst to start it? Like, where did it all happen?
Kimberley
So Cyber Wardens is an initiative of the Council of Small Business organisations of Australia, so they’re a peak body representing small business organizations. You might have heard them referred to as COSBOA, but it’s a government funded program, so it’s a free program that’s designed specifically for sole traders, small business owners and small business employees to be able to get the tools that they need to stay safe online and when we stay safe, when we say stay safe online, it’s we deliver it in a way that that is really accessible for small businesses. So we don’t have any tech jargon in the course. The course is delivered across multiple delivery programs, so we’ve got online courses, we’ve got webinars, and we do some in-person, sorry, workshops as well. And at its core, Cyber Wardens was developed to be accessible to small business owners.
So we saw a gap where we know that cybercrime is only a growing problem in Australia, but what we found is that small business owners and small business employees don’t know where to start when it comes to cyber security. There’s a lot of information in the market. It’s very cluttered and it’s also very confusing if you are not confident , in terms of tech or online. So that’s where we saw the opportunity to create the program to respond to that need from small businesses.
Trish
Yeah, that’s great. And you know what, one thing, because of course, I’m a Cyber Warden, and I’m really proud and I always, I believe that every business should have at least one, and run everyone through the course, but just have at least one who’s kind of the responsible overriding person. But one thing that I really enjoyed about the course is the fact that it’s exactly like what you said, it’s really simple. You don’t have to have any qualifications in being techie or anything like that. You just need to be able to read and listen in a way.
Kimberley
Absolutely. And it’s delivered especially the webinar ones that we do. They’re delivered by Cyber Wardens educators, people like myself. I’ve got a small business background. I don’t necessarily have a huge tech background. And I really use that experience, that lived experience to deliver it in a relatable way to small business owners and we talk about things that are really basic things like, you know, making sure that your passwords are unique and are strong across all of your accounts, making sure that you have multi-factor authentication. We don’t get into the weeds of things. We just focus on the basics and things that are actionable for small business owners to do right away to empower them to be safer.
Trish
And fantastic, and one thing I’ve noticed, cause I did, I did my course at the very beginning when Cyber Wardens just kind of got released. And one thing I’ve noticed now is you can kind of go in and have a refresher, but the other thing is you can expand your knowledge, like you’ve got different like your foundations and your level one, and then you can kind of grow from there, so become a real, like become really good at what you, you know, your, your cybersecurity.
Kimberley
And we have to grow our course offering kind of on an ongoing basis. So like you said, we do have that foundation, which is those cybersecurity basics, but we have expanded now into safe AI for small businesses. So that’s a really popular one because as we know, AI is part of life now. There’s nothing we can do about it. It’s kind of all encompassing within our daily life. So it’s how to embrace AI. It’s how we already might be using AI without even us knowing and it’s also how to be able to identify AI generated scams because as much as AI can help us in our daily life and make our lives easier, it unfortunately makes cyber criminals’ lives easier as well. So they’re able to create much more sophisticated scams using AI. And so we go into, we dive into that side of things and that side of the cybercrime realm, and then we’re also launching a new course imminently. Which will be about the importance of being cyber fit within your whole supply chain. So when you work with different contractors at different levels, it’s really important, there is an expectation from all suppliers within the supply chain to be cyber safe. So if you work with, for example, a medical device supplier and you’re a small practice they do expect you to have done your due diligence and to have your cybersecurity baseline in place. So we go through the importance of being cyber fit as part of a critical link in the supply chain. So that’s a new course that we’re launching very soon.
Trish
That’s great, so it’s almost like, like every small business and, and not just small, I mean, this is going to be helpful even for people that work in bigger businesses as well. But, I mean, and it’s free.
Kimberley
It is free. And we, I cannot bang on and off about this. It’s something that people always are surprised when we say it’s free and they go, Oh, that’s amazing because they think, oh, yeah, that sounds good, but how much is it going to cost? And it’s completely free. It’s government funded. And our mission is really to empower all Australian small businesses to stay safe online. So it’s completely free.
Trish
It’s so good. Look, look, I’ve got a like years ago I remember doing a podcast with it was actually a plastic surgeon from America and he had just been attacked, like his data had just been attacked. And they wanted, I think, $3 million. But you know what, he reckons he spent about $250 million trying to get everything back into the order that he learned a very valuable lesson. So like, it sounds ridiculous, but he was off, offline for I think about something like about 3 or 4 months when it all got sorted.
Kimberley
That’s a very expensive lesson. And probably more at the extreme, but we know that in Australia, the average cost of a cyberattack, one single cyberattack on a small business is $50,000. So it might not be a quarter of a million dollars, but it’s still an amount that would probably devastate quite a lot of small businesses, especially. Ones that are on the smaller side with limited resources that are just starting out, when you lose $50,000 out of nowhere it’s very possible that you need to close your doors.
Trish
Well, and even Goodwill, I did actually have a cyberattack quite a few years ago. What had actually happened is we had quite a really successful website, but it was like a fully functioning website, as in you’d people would be going there every day, you’d be getting resources and all that sort of thing. And someone had actually, I don’t know how they did it, but they’d actually attacked our website by, I think, about 3 million bots at one time, and it just closed everything down. And we spent a solid 3 weeks of just like, number one, we thought, oh my God, that’s it. We’ve lost our business. You know what I mean? And we eventually got it back, and protected ourselves. So yeah, it’s so easy.
Kimberley
But think of a lost revenue in 3 weeks, that the amount of money that you could have made in those 3 weeks, it’s, it’s a huge cost and it’s not all, it’s not only a financial cost. So of course there’s that $50,000 you know, that is, that impacts your bottom line, but there’s also a huge human cost to it. So I’m sure you were very stressed during those three weeks. I’m sure you didn’t sleep very well. Yeah, yeah, I’m sure, exactly. And so it affects your mental health, but then that also affects your physical health, possibly so. We look at kind of like the the overarching impact of cybercrime is not just financial, it’s your well-being, it’s your mental health, it’s your emotional health and that’s why it’s really important to to have those basic tools in place to to be able to avoid those types of attacks.
Trish
Absolutely. And tell me, so, what do you reckon the biggest cybersecurity risks are these days that target small businesses?
Kimberley
Yeah, there’s a few. Most common types of cybercrime that we know and especially within the healthcare industry, so the healthcare industry being the number one target for cybercrime, we know that healthcare practitioners, practices, medical practices hold really valuable patient information. If you think of all the information, all the data that you hold on patients, that’s very valuable to cybercriminals. So in the healthcare industry specifically, the most common types of cybercrimes are usually ransomware or so ransomware is essentially when you’re sent an attachment, you think it’s a legitimate attachment, you open it and the ransomware is a virus that is installed on your device, that’s essentially restricts all your access to your data. The cybercriminals are then able to access your data. What they can do with it is quite far reaching. Often, especially with medical data, they’ll sell it on the dark web, they’ll use it for identity fraud and that’s the kind of information that’s very valuable, especially if you’ve got information like Medicare information or diagnosis, prescription information. And so what they’ll do with the ransomware is that they’ll restrict your access to your data and then they’ll ask you for a ransom, essentially to gain access back to your data. So that’s essentially the most prevalent one within the healthcare industry, but we also have things like business email compromise, which is essentially inbox break-ins. So that’s when cybercriminals are able to break into your inbox and from there they can launch a series of other cyberattacks. So if you think of everything that you have in your inbox, I’m sure as a business owner yourself, you’ve got quite sensitive information in there. You probably have client information, passwords, possibly employee information, so once they’re in your inbox, they can act as yourself, they can impersonate you to your employees, to your clients, to your suppliers. They can replicate your invoices and send fake invoices to your customers or they can replicate your supplier invoices and send you fake invoices, so you think you’re paying your supplier, but you’re really paying them. So those types, those two crimes for the healthcare industry are the most prevalent ones. And then they do, like I said, kind of flow into those secondary attacks like company impersonation, fake invoices, employee impersonation as well.
Trish
That’s so scary. Even just the thought of someone reading my emails is enough to send shivers down my spine. I’m like, oh my God, what have I got in there?
Kimberley
Yeah, it’s exactly. It really does feel like an invasion of privacy. It’s a bit like I always liken an inbox to your house. Once they’re in your house, if you think of all the valuables that you have in your house, it’s the same thing in your inbox and all those valuables are things that they can use to, to launch further attacks, not only on you but on your customers as well.
Trish
Yeah, totally. And do you know, like, with, with the modules that you’ve got, that you’ve got at the moment, is it, it’s like stackable, isn’t it? Like you, do you have to do it in that order? Like do foundations, number one?
Kimberley
Not at all. You can, you can do the courses in the order that you want and, you know, in terms of, special interest as well. So if you’re really interested in the Safe AI course, you can jump right ahead to the Safe AI course. What I would say though is I would encourage everyone to do at least the foundation level so we have foundations on the online courses, so you can do that online at your own pace. You can do it on your phone. That one only takes about 10 minutes to do. But we also deliver the foundations via webinar. So that’s the one where we take people through the course with the Cyber Wardens educator and people, a lot of people really like that kind of human interaction. There’s a Q&A session at the end and they like that relatability of having a human talk to them. Cybersecurity tends to have a very, we kind of have that image of, you know, a dark shadow and, and it’s really a human behavior issue. It’s not a tech issue. So having that human contact and having someone else talk them through the course, we found it to be really popular. So I would say, yeah, people can do the course in the order that they want, but the foundation level is really a winner and we have also for the healthcare industry, we have a webinar called Cyber Aid.
Trish
So tell us about that. Well I was gonna ask you about that because I knew that you created something specifically for the medical and allied industries. So what’s that about?
Kimberley
So we created that webinar because of the prevalence of cyber crime specifically within the healthcare industry, so the cyber aid webinar is targeted specifically to health practitioners, so anyone within the health care sector or allied health, and we really go more into details, we talk more about stats around the healthcare industry specifically and we talk about those cybercrimes that are more prevalent to the medical industry specifically so you know, someone could do foundations and still have all the basics, but the cyber aid is really targeted with examples as well that are more targeted to the healthcare sector.
Trish
Yeah, fantastic. And what, what I love as well, cause once and I’m presuming this is okay, because I want to get that Cyber Warden’s logo and stick it on the bottom of my website and link it back to you guys so that other people, like, so that my clients can actually, You know, see that it’s on there as well, and they can actually do it as well. And yeah, I can’t help, but every day it’s free. I mean, how often do you get something that’s gonna be beneficial that’s free?
Kimberley
Exactly.
It’s an endorsement as well, and it’s a gauge of confidence for your customers to know that you take this seriously and you take not only your data seriously, but their data seriously. So a lot of times, small business owners think of, you know, cyber crime and, and how it affects them, but we forget to think about how it affects our customers and at the end of the day, it’s their data that we’re holding. They are entrusting us with their data, with their sensitive information. And we know, especially within the healthcare industry that 88% of patients fear unauthorised access to their data. So knowing that you’ve done the course and knowing that you take cybersecurity seriously, is a huge tick of approval for them.
Trish
Yeah, that’s so true. And tell me, what red flags and like warning signs, do you reckon small businesses should look out for when it comes to cyber security? Cause I know, like, you’ve said the emails, number one, and that, that ransomware freaks me out because I think I got one this week, and I was like, this doesn’t seem right, and the only reason I knew was because one of the warnings on the course was like, look at the email that it’s come from before you open it.
Kimberley
Well done, Trish. I love hearing that.
Trish
Thank you, thank you. I’ve been trained very well.
Kimberley
Exactly. In terms of the red flags, there are a few that we need to be aware of, and they’re really, they’re easy to spot. The reason why we don’t always spot them is just because we’re really busy and we just want to do things quickly. So, first and foremost, I always tell people to take a beat before doing anything when anything looks suspicious. So in terms of red flags, we’ve got things like typos in an email or in an email address. And sometimes we don’t spot them because we’re busy and we just want to respond to the email. But if the email address from the sender looks similar, but has, often they’ll do like, they’ll do a W or two U’s instead of a W or two Ns instead of an M so that it looks similar. And you’ll miss it because you’ll see it coming from Trish Hammond and it’ll be two Ns instead of one M and you’ll just respond. Fake invoices is another one as well, where what they’ll do is they’ll use a supplier invoice and they’ll replicate it.
It’ll look exactly like your supplier invoice, but they’ll change the banking details and prompt you to update your banking details in your system to pay your supplier. So anytime you are prompted to change banking details, that’s a huge red flag. Same thing with the typos. We talked about ransomware as well, so ransomware often comes in the shape of an attachment. So anytime you receive an attachment where you’re not sure what the file type is, you know, you’d probably be used to receiving images, so we’re used to like JPEG, PNG or PDFs even. But when you get a file type that looks a bit dodgy at the end, ransomware can come in like RAR file types, for example, that’s when again you wanna raise your alarm and make sure that you assess the email before you do anything before you open anything. Same thing with links as well, so phishing scams come through emails. I’m sure that you’ve seen phishing scams before. I think we’ve all seen phishing scams now. The link looks legit. It looks like it’s coming from, you know, a post or Facebook but once you click on it, it’ll prompt you to enter your login details, and once you do, they basically have access to your login credentials.
Trish
So I get that all the time with them, but I get a PayPal invoice saying, $788 will be taken out of your account tomorrow if this is not correct, you know, blah blah, blah. And I just know that, yeah, I look at the email address it’s come from, I think I haven’t bought anything for that much. I know how much I’ve spent on my PayPal account. So, yes, you’ve got to be really diligent.
Kimberley
And they’re really sophisticated, so they know that we use PayPal. You know, they, I often get the Auspost text messages, and it’s rare that I don’t have a parcel or two in the pipeline. So they know that, you know, I do online shopping. And they just bank on the fact that you’ll go, oh yeah, that sounds about right. I must have used PayPal and you click on it just in haste, and they often use urgency as well in the messages. So like you said, if you don’t clear this invoice right away, your account will get shut down and that they prey on that urgency, that sense of urgency. So we’ve seen a lot of banks now, government institutions, they always say we will never ask you to click on the link. So anytime you receive an email where it’s prompting you to click on a link, really take a beat to, to have a think, to assess what it says in the email and to kind of think back, you know, did I spend that $700 with PayPal, did I order that parcel?
Trish
Well, so do you reckon it’s almost like we need to develop ourselves the system like, so what do you, or a habit. So what, do you reckon some of the habits that we all have that inadvertently make us vulnerable to cyberattacks?
Kimberley
Yeah, there’s, there’s a lot of habits that we have that we don’t even think twice about, but they just make us a bit more vulnerable. So it’s things like not updating your software on your computer when you’re prompted to do a software update, or snoozing your computer at the end of the day rather than turning it off completely. So by delaying software updates, you’re delaying those security patches and fixes to be installed on your device. And the reason why software developers launch software updates is because they know that there is a vulnerability in their system. So if they know that, cyber criminals know that as well. So they can exploit those vulnerabilities if you don’t do those software updates. So, I know it’s really annoying when you’re in the middle of a meeting and your software update comes up, but it’s really important to make sure that you stay on top of those. Another habit, a really simple habit that we can reinforce or that we can upgrade to make sure that we stay safe online is making sure that our password hygiene is excellent. And that means we want to make sure that we have long, strong, and unique passwords across all of our accounts. You know, we don’t use our password 123, our pets’ names, our business name, our favourite footy team. You want to make sure that all of your accounts have different passwords on them, and then from there you want to make sure that you also have multi-factor authentication on all of your accounts. So do you know, I’m sure, well, you would know what multi-factor authentication is given you are a Cyber Warden. But for anyone who’s not, who’s not sure what multi-factor authentication is, it’s essentially that second layer of protection that you put on an account and what it looks like can be like you get a text message and it’s prompting you to enter a code to verify your identity. So it’s just that second layer that makes it virtually impossible for cyber criminals to break into an account. So if there’s one thing, one habit that we can certainly improve right away, it’s making sure that our passwords are all unique and that we have multi-factor authentication installed. And you know, it’s really hard to, it’s hard to basically go ahead and do that on all your accounts. You might have, I know I have about 150 accounts online. So I always tell people to start with the most important, your most critical accounts, and then work your way down. So your first one would be your inbox, and then you’d be looking at your bank accounts, your government accounts, your social media, and then all the other accounts that you have online.
Trish
I can remember years ago, like, I don’t know, 10 years ago or whatever, I used to have a password book, like a little black book. And to move from that black book to an online good password application took me forever cause I’ve got about 400 passwords that, so you have your one master password, and then you can, which you change all the time, but then just being to have one, because really, I just have one password to get into everything because, right? Yeah, yeah, which is just so good. But people find a real mental block with, oh, I got to put all my passwords in, but it’s just, it’s so easy.
Kimberley
It is, it is easy. And once you get in the groove of it, you do realise that it’s really easy. And if anything, if you’re hesitant or if you keep putting it off, just think of that $50,000. And the fact that it’s short term pain for long-term gain. And yes, you might need to set aside a few hours to kind of get everything organised, but the password manager will be your saviour in terms of remembering all those unique passwords. Like you said, 400 accounts, nobody’s expected to.
Trish
No, exactly. And I, I know that for a fact I speak with people and say, OK, well, what, you know, we’ve got to get in here. What’s your password? And some people crack into a sweat because they’re like, Oh my God, what’s that password? Like, it’s impossible to remember your own passwords.
Kimberley
And password managers these days are really good because they’re basically compatible with all your devices. So they’ll be on your browser on your laptop, but then they’ll be able to, if you need to log in on your computer, on your phone, sorry, they’ll be compatible on your phone as well. So it kind of integrates across all of your devices. And the information is all encrypted in the cloud, so it’s a million times more secure than a notebook or a notes app on your phone or, you know, a Post-it note on your computer. So yeah, I, that’s one of the other habits that I would urge people to get into is setting up a password manager. There’s quite a few on the market. There’s some free ones, like the Google Chrome password manager, depending on what browser you use, they all have their own free one, but then you’ve got some like Lastpass or Keeper or Onepass that you can spend a bit of money each month on. They’re not too expensive and again just think of that $50,000 and the cost benefit analysis.
Trish
Exactly, and what, so what do you reckon that some simple wins that small businesses can implement like now to help protect themselves online.
Kimberley
Always, again, I take it back to basics and the password hygiene is, is the number one. And then once that’s done, I would say that making sure that they have that training, such as Cyber Warden’s training, but not only that, so if you work in a team, if you own a business and you have a small team. It shouldn’t be incumbent on one person to be across all of the cybersecurity aspects of your business. Everybody in your team should be trained. We know that because cybersecurity is a human behaviour issue, 95% of cybercrime involves a human error. So you’re really only as strong as your weakest link in Business. So you want to make sure that all your staff are empowered to recognise the signs to identify the red flags and to know what to do if a cyberattack happens. So I would say a really simple win is to go on the Cyber Wardens website at cyberwardens.com.au and get not only the training for the business owner but for the team as well.
Trish
Yeah, cause it’s not gonna cost you anything. You might as well as train one person, everybody might as well go through the course. And in fact, what we’ve made it now is we’ve made it part of any new staff induction. This Cyber Warden’s Foundation course is part of what everyone’s got to do, cause some people still are writing, I know for a fact, cause I’ve seen one of our team writing their passwords in the notes app. I’m like… you can’t do that anymore.
Kimberley
Absolutely, and, and it’s a great way to do it. That’s actually a really quick win is to just include it in staff induction and as part of the whole list of, you know, the whole checklist that you go through when you get a new staff member on board, get them to do the foundation course and get them to be across the cybersecurity basics as soon as they start.
Trish
Exactly, it’s good for them because it, number one, it stops them from using the same password for everything, number one, but also, it’s just the awareness of the fact that, you know, no matter how big or small the business is, there’s always something for someone to gain from hacking in and getting your data and and whatnot and causing the grief, but, I was gonna ask you, so have you got any examples of like social media or other email hacks that you can kind of share with us?
Kimberley
Yeah, there’s, there’s so many. And whenever we go to events or to conferences, we have people come up to us all the time telling us, oh, this happened to my friend, my mum, my partner, even you with the example of your surgeon in the US, there’s always examples. There’s one that always stays in my mind because a lot of small businesses use social media as their main marketing channels, because obviously, you don’t need too many resources. It’s something that you can do kind of at any point. So we have an example of a woman, her name is Amy, and she owns a disposable, sorry, non-disposable, so reusable nappy business, and she was actually on Shark Tank, so her business gained enough traction for her to go on Shark Tank, and she got investment from the sharks, I think it was $100,000 that she got from the sharks to invest in her business. And the day that her episode was gonna air on TV her social media got hacked, her Facebook account got hacked, which was her main marketing channel. The hackers were able to lock her out of the account and they started posting really inappropriate content online, violent content, and, you know, her target audience is mothers so it was really inappropriate and the content that they were posting, and she had no way of stopping it. And it was right at the time that her episode was going to go to air, so of course traffic to her Facebook page was going to increase significantly. So she managed to in the end, she managed to close the account and to stop the scam. But that wasn’t at the expense of the revenue that she could have made and the visitation that she could have had on her Facebook page, aligned with the Shark Tank episode.
So that was a huge, unfortunately missed opportunity not missed opportunity for her. It wasn’t her fault, but it was definitely the timing was really horrible for her in terms of the The Shark Tank broadcast.
Trish
So yeah, that sounds a bit devastating.
Kimberley
It is devastating and if they can, they can get in really easily. What they’ll do is, you know, they’ll send a message, especially on Facebook, they’ll send a message impersonating one of your friends saying, oh, I really need you to click on this link. I need your help with this. Can you just click on this? And then once you click on the link, you’re usually prompted to put in your login credentials, and that’s how they access your account. So there are many, many examples. Our social media channels are, we have quite a few examples on there. We also have a lot of education content on our social media and on our website as well. We have blogs and other real life examples. It always helps put things in perspective when we can see what it looks like to another person such as what it looks like in real life, what a scam looks like in real life, how people are able to go to kind of stop the hack or to recover from a cyber incident as well. So we have all those resources on our website.
Trish
Yeah, fantastic. And so to me, so I know you gave us the website before, but we’ll direct people to the website in a second, but I was gonna ask you, so with the courses that are available on Cyber Warden, so you’ve got your basic foundational core range of courses where you’ve got your foundation level 1, level 2, and then, like, you can get refreshed, and then we’ve got webinars. And so you’ve got core and you’ve got webinars. So you can just do it, even if you don’t want to do anything. You just do the webinars that are as well. Like you don’t, you don’t have to start anywhere.
Kimberley
You just do the webinar. So the webinar is the same content as the, so right now we have the Foundation’s webinar, which is the same content as the foundations module. It’s just a different mode of delivery. We’re about to launch our Safe AI webinar as well, which will be the same content as the Safe AI. And then once we launch our cyber fitness for the supply chain course will also launch the webinar as well. So the webinars will get you the same training, you’ll get the same information, and you receive a certificate as well. It’s just a different way of learning and not everybody learns the same way, so we’re trying to, to provide the most . The most opportunities and delivery formats for everybody to be able to do the course in the way that they prefer.
Trish
Fantastic. And I noticed since last time I logged on, because I like to kind of log on every now and then because I know that like the website’s changing all the time, stuff’s being added. So it’s just, for me, I’ve actually made my, you know, It’s one of my habits that, you know, at the beginning of the month I do this, I do this, logging on to Cyber Warden’s is one of those things that I do once a month. I think because it’s one bit, once bitten twice, I know it’s out there. Why wouldn’t I use it? You know what I’m and you can never learn too much. But I’ve noticed that now there’s a graduation kit that I think anyone can download. Is that right? Or do you have to have done your courses first? Cause I know I can download it.
Kimberley
Yes, you can download it because you’ve gone through one of the courses. Once you hit graduates on one of the courses, the graduation kit will come up. So we’ve got some resources in there that you can download, and you can also access the resources hub. So the resources hub is open to anyone. You don’t have to have done the course but the graduation kit does come once you’ve completed one of the courses.
Trish
Fantastic. And you know, you mentioned certificates before. It actually felt really good to go through the first step and think, oh my God, I’ve already got a certificate.
Kimberley
Yeah. It’s a nice reward. And it really does have that kind of feeling where you’ve completed something, you’ve achieved something, and you’ve done something good for not only your business, but your customers as well. And you’ve got the certificate to prove it.
Trish
Exactly. And I noticed that in that resource kit, like you can download your certificate, you can also download a cybersecurity action plan, which is just like, it’s always good to have something at your desk, that’s sort of there that you can look at. So it’s gonna give you those easy steps to follow, to help protect your business.
Kimberley
Exactly. Just a quick checklist. And the action plan is the same thing that we cover in the course.
It’s not new information. We’re not trying to add on more, confusing information. It’s the same information. It’s just a reminder of, you know, the main basics that you should do. So the passwords, the multi back to authentication, updating your software and it’s a good visual to have, like you said at your desk to make sure that you’re always on top of this. Cybersecurity unfortunately is not a set and forget. It needs to be an ongoing, , an ongoing conversation in your business and it needs to be ongoing. There needs to be ongoing training and ongoing education because, yeah, cybercriminals. They evolve every day, they get more sophisticated every day, and it’s really important to always stay on top of those types of courses and information.
Trish
And you know, the other thing, you know, you mentioned before, the fact of being a medical business or an aesthetic business, anything to do with patients and clients that come in that resource kit has got those, you can download posters as well, cause, cause like for me, nothing would make me feel better than walking into a clinic and knowing that they’re actually, they’re, you know, their cybersecurity is something that they’re working on.
Kimberley
It’s right there at the front desk and just kind of that, that tick of approval like we talked about before, of just giving you that confidence that they take your data seriously.
Trish
Exactly. And you know what, the bonus as well is, which I didn’t even realize that was there until now, is I can actually put my digital badge on my signature, on my email signature. And that way, everyone knows, hey, don’t mess with us, we’re Cyber Wardens.
Kimberley
And you can share it on LinkedIn as well. And we find that on LinkedIn, you know, it’s a good platform to not only talk to your network about the fact that you’ve done the course, but also encourage other people in your network to do the course as well. So yes, there’s a range of resources that you can use to, , yeah, to really share loud and proud that you are a Cyber Warden.
Trish
Oh, fantastic. Well, I gotta say, , like, I am so happy that I was ever involved with Cyber Wardens. It’s changed my business. It’s changed the way that our staff, you know, save all of their passwords and stuff like that. Cause, cause a couple of our staff are offshore. So, you know, you can’t control what they do, but now they’ve done the onboarding, it’s changed the way that they do their business. I feel secure and, and I’ve got my, you know, I’ve got stuff that I do on a regular basis just because of this course. So I can recommend it highly enough to anyone.
Kimberley
That’s so good to hear, Trish, and thank you so much for endorsing the course. We love to hear about people who have done the course, real people in real life, , who have done the course and who are, who rave about it, and who encourage everyone else to do it, it’s really nice feedback. And, you know, that’s why we do what we do at Cyber Wardens is for small businesses like yours and like your like your clients to to feel safer online and to feel empowered and not to feel scared because cybersecurity shouldn’t be scary. We should feel empowered to have the tools to stay safe online rather than bury our head in the sand and hope that it never happens to us.
Trish
Absolutely couldn’t agree with you more. So just for a last minute, you can go to the website cyberwardens.com.au
Kimberley
We have a range of resources there, but all the courses are under the courses tab, so you’ll find our full course catalog on the courses tab, and from there you can log into the system and start learning.
Trish
And for those of you out there that are in, in the health arena, definitely if you go to that cyberwardens.com.au, there’s a tab that’s called e-learning, there’s a whole section there on cyber aid, which is AID and that’s for health professionals, so go to it.
Kimberley
Thank you so much, Trish. It’s exactly right. So Cyber Aid for the health community, , but of course the other courses are relevant to anyone as well, so we, we don’t discriminate. You can take any of the courses that you want on the website.
Trish
Fantastic. Well, thank you so much for joining us, Kimberly.
Kimberley
Thank you so much, Trish. It’s been a pleasure and I hope that we get a few more Cyber Warden come through thanks to your podcast.
Trish
Absolutely. So guys, definitely have a look at it, cyberwardens.com.au. It’s so worth it. I’m so happy that I actually found out about this, and I’ve actually been, I think it’s been about 6 months that I’ve been a Cyber Warden, a Cyber Warden for my own business, of course, and I love it. So yeah, thanks Kimberly, thank you so much.
Kimberley
Thanks Trish.
Trish
Have a great day, bye.
