Published on:

17 February 2022


Rachael Adams

CyberProtect and CyberPack – What are They, and What is the Difference?

It would be hard to miss the changes to the IT security landscape over the last two years. Even locally, we have seen high-profile cases involving organisations ranging from a hospital to a national freight company. They, of course, are the tip of the iceberg, those unfortunate enough to make headlines as they try to recover from cyber-mayhem.

What doesn’t make the news is the extraordinary number of small and mid-sized businesses also falling victim. They may not make the front page, but the effect on operations, revenue, customers, and staff is profound. Aside from the immediate impact on your finances, and the stress involved in attempting to salvage your reputation, the long-term effect on business survival can be bleak. Clearly, prevention is ideal, but where do you start?

Business owners and senior staff typically wear many hats in small organisations, and IT security has been unceremoniously added to the heap. It competes for attention with everything from customer relations to negotiating cleaning contracts. Little wonder, then, that small business leaders struggle to fully recognise their level of cyber-exposure, or know what options are available. This situation creates a fertile landscape for opportunistic cyber-criminals, so the trend has been towards striking these easy targets.

There are some cyber security options, but most are built for the enterprise space. They can afford the higher price, but some of the functionality is overkill for smaller businesses. It can be hard – and expensive – to scale the top of town products to suit smaller organisations that need much the same level of checks and balances in place. When we work with a customer, we always start with an assessment, so we know their level of exposure and can identify what options are available to them. This is the equivalent of a locksmith checking what kind of doors and windows you have before charging ahead to order expensive hardware – skipping this step could leave you with a wasted effort, and no more secure than before.

An initial assessment provides a lot of answers, and once we know the customer’s security posture, creating a logical plan becomes possible. If you’re reasonably confident, and have time, you could perform some initial checks yourself. This can be a useful starting point when engaging with a security specialist, but there are now a couple of SMB-focussed products that might just save you a lot of effort.


CyberPack is a bundle of security products chosen to offer additional coverage for small and mid-sized businesses. It includes dark web monitoring, security awareness training, phishing testing, business perimeter monitoring, and password management. At the moment, a lot of smaller organisations buy anti-virus software, but the security pack is built to expand on that cover and add much stronger and broader protection against security breaches.

The combination of protective products reflects changes in the type of attacks that businesses face. Dark web monitoring, for example, has become essential, with an astonishing number of individuals and businesses blissfully unaware of how frequently their credentials are traded. Likewise, although most users have good intentions, they can make missteps. There’s a very good case for putting security awareness training on an equal footing with any other safety training your business provides. Phishing testing can help identify where refresher training is needed. Some other elements, like password management software, are helpful in supporting users to make good choices. In other words, covering both the human element and the technology component creates a far more robust defence.


The combined elements of the CyberPack provide a comprehensive mix, but what about the expertise and ongoing management?  The average IT security salary in Australia is currently $115,000, and while that is realistic for corporations, it can be out of reach for smaller businesses. CyberProtect takes the CyberPack, and adds in expert consultancy, without the cost and challenges of hiring a specialist. They take a deeper dive into security, including actions like creating and maintaining a risk register, and analysing your unique business environment to identify risks, both on-premise and in the cloud. They work with the business to determine priorities, ensure compliance with relevant policies or regulations, and provide a higher level of direction on where to focus investment.

Among the key tasks for the consultant is to monitor vulnerabilities and check threats continually. One of the key things to understand here is the way that hackers tend to operate. Once they have breached defences, they tend to bide their time, undetected, until the optimal time to strike. Typically, time to detection is around six months. Monitoring logs gives a far greater chance of detecting and isolating the intruder early, preventing harmful outcomes.

IT security can of course be daunting for smaller organisations to handle alone, but the very worst thing is to wait until disaster strikes. Talk to our security experts today to uncover the risk and prevention strategies that will keep your business and customers safer.