"Breach notification laws have been highly effective at forcing organisations to review IT security in countries such as the USA and Europe," said Dell SecureWorks principal consultant for APJ Phillip Simpson (pictured).

"Australia is behind these aforementioned countries, when it comes to security, and this is becoming more apparent every day."

Apart from any other considerations, Simpson is concerned that a reputation for slack security will mean the Bad Guys pay more attention to Australia.

Examples include the theft by Chinese hackers of intellectual property which is then used to manufacture counterfeit products, and the high incidence of Cryptolocker cases. "Australia was ranked third in the globe" for the number of devices encrypted by Cryptolocker, he observed.

Simpson's top six tips are:

1. Test your environment and know your weaknesses so you can fix them, this include policies around IT security
2. Understand the threats and prepare, be pro-active not reactive
3. Understand your access controls and make sure the right people have the appropriate access.
4. Monitor network traffic.
5. Have a quality patch management process.
6. Train your staff and end users so that they are aware of the importance of IT security.