DIPNA Cybersecurity Starter Pack

Version 1.0 | Practical baseline guidance for smaller organisations

1. Accounts

• Use a password manager.
• Enable multi-factor authentication on critical accounts.
• Remove shared passwords and shared logins where possible.

2. Devices and updates

• Turn on automatic updates where possible.
• Track devices that still need manual patching.
• Remove unsupported hardware and software from critical use.

3. Backups

• Back up critical files and systems on a schedule.
• Test that backups can actually be restored.
• Keep at least one backup path separated from day-to-day access.

4. Staff awareness

• Brief staff on phishing and impersonation.
• Verify urgent payment or credential requests through a second channel.
• Use clear incident escalation contacts.

5. Recommended tools

• Password manager
• Endpoint protection
• Backup tooling
• Hardware security keys for high-risk accounts

6. Next step

After the basics are in place, move into verified communications, stronger incident response and formal breach reporting processes.