×
The RACGP website will be unavailable on Monday 18th May from 8:15 PM - 9:00PM AEST due to scheduled maintenance. We apologise for any inconvenience this may cause.

Learning from your cybersecurity incident

  1. Disclaimer

Learning from your cybersecurity incident

Review

When the threat has been contained, you have an opportunity to assess the situation and identify any systems or processes that need changing. Some issues to consider:

  • Do you have appropriate practice policies on the use and security of your devices (including removable storage devices) and who can use them?
  • Do staff at the practice have mandatory training in maintaining cybersecurity and recognising a cybersecurity incident? What level of training do staff need?
  • Are staff aware of their roles and responsibilities in the event of a cybersecurity incident?
  • Do you need to upgrade particular devices?
  • Do you need to update particular software (eg clinical information system software, antivirus software, email software)? Are the latest security patches applied to all software programs and operating systems?
  • Do you need to engage new service providers (eg IT specialists)?

Update your plans

When you have reviewed your response to the incident, make any necessary changes to your cybersecurity incident response plan and, if relevant, your disaster recovery plan and business continuity plan. All of these documents should be reviewed periodically.

This event attracts CPD points and can be self recorded

Did you know you can now log your CPD with a click of a button?

Create Quick log

 

Advertising