Owners of small and medium businesses in Adelaide have been signing up for a new cyber security training program organised by the Australia Cyber Collaboration Centre (ACCC).

The government-subsidised Cyber Uplift Step Program (CUSP) – run out of Lot Fourteen on North Terrace – aims to cover cyber security bases for all knowledge levels, from those clueless about it to semi-pro anti-hackers.

Launched earlier this year as part of the State Government’s Small Business Strategy, CUSP costs businesses $500 and includes a one-year affiliate membership to the Australian Cyber Collaboration Centre.

Trainees can take the course at their own pace, and lessons are determined based on one’s knowledge level when signing up.

It is an Australian-first program according to ACCC strategic projects lead Rachael Hamilton who told InDaily that each applicant goes through a “cyber clinic” at the beginning of CUSP with a one-on-one coach.

“In that [time] you talk about your business and tech stack and your goals – and that could be ‘I really struggle to understand the best Wi-Fi or the best computer systems’; ‘I use Microsoft but I’m using an outdated version’; or ‘I’m an Apple person but all my team are Microsoft and it’s a bit confusing’,” Hamilton said.

“Then we create a personalised roadmap which recommends which learning modules to do. Then you go away and do them at home by yourself, or at work, or on your own time.”

There are also workshops run by CUSP as part of the program, where SME owners come together to learn cyber resilience techniques.

“You walk out and you’ve automatically uplifted your cyber resilience,” Hamilton said.

“CUSP can be anything, big or small you are insuring your business’ resilience just a bit more.”

Acknowledging that many SME owners and entrepreneurs are tight for time, CUSP is able to be completed at trainees’ own pace.

“It could take three months, it could take six months, it could take the whole 12 – it’s entirely up to you,” Hamilton said.

“We understand that SMEs are really busy.”

Cyber security resilience is particularly topical this month – Cyber Security Awareness Month – with University of South Australia Associate Professor Mamello Thinyane noting that businesses “can do so much more to lower the risks of cybercrime”.

“Basic ‘cyber hygiene’ should be instilled in everyone. This includes protecting our accounts with multi-factor authentication, strong passwords, password managers, and being super vigilant around potential phishing attacks and scams,” said Thinyane, the chair of Cybersecurity and Data Science at UniSA.

“In the past, organisations have been unwilling to disclose their cyberattack experiences for fear of reputational damage and legal implications. However, it’s important we strengthen our collective intelligence and reduce the barriers for companies that have been victims of cyberattacks.

“By sharing their experiences and lessons learned, we can build trusted networks and become smarter together.”

Simple ways to strengthen digital security include ensuring strong passwords are implemented and multi-factor authentication is prioritised.

“Think twice before clicking on that suspicious link or forwarding fake social media posts. Cyber criminals are very clever at exploiting human vulnerabilities and 82 per cent of data breaches are linked to human factors, so we need to be very, very cautious,” Thinyane said.

“Digital technologies are here to stay, but for societies to thrive, we need to make our systems and data more secure, and we need to collectively become cyber resilient.”

CUSP is also accommodating for those who already have a more advanced understanding of cyber security.

“We’ve got three streams: beginner, intermediate and advanced,” ACCC’s Hamilton told InDaily.

“We’ve got a couple of people that fall into the advanced category who are looking for DISP (Defence Industry Security Program) membership.

“When you want to go for a defence contract you have to be DISP accredited, and that’s a really long process.”

Hamilton said most trainees will fall into the beginner or intermediate stream, but that it was important ACCC offered more advanced lessons for small business owners taking on bigger jobs.

“Just because you’re a small business that doesn’t mean you’re not going for the defence contracts,” she said.

“We want to account for all of the small businesses that can still have a great impact.”

CUSP is still in its early stages but once the pilot in Adelaide is complete the ACCC hopes to take the training program national.

“We’re getting lots of registrations sent from interstate people, which is wonderful to see a real need and interest from people,” Hamilton said.

“The success measure for the government is if we get 100 SMEs through our program. Our success measure internally is as many as we can fit – the more the merrier.”