Jam Cyber Brief
August 2025 Edition
This month’s brief covers several key developments that will affect how firms operate and respond to cyber threats. We look at the Right to Disconnect legislation for small businesses, mandatory ransomware reporting rules, and new requirements around operational resilience. We also explore the latest capabilities in AI tools, highlight July’s top scam warnings, and share new free resources to help you build cyber resilience without adding to your admin burden.
Whether you're leading a team, managing compliance, or simply trying to stay ahead of client expectations, this month’s insights are designed to keep you informed and give you practical next steps to act on.
Top Cyber Trends This Month
Preparing for the Right to Switch Off
From 26 August 2025, small businesses will be subject to the Right to Disconnect, a legal protection already in force for larger employers since August 2024. Under the Fair Work Act, employees may refuse to monitor, read or respond to work-related contact outside of working hours (emails, calls, or messages) unless that refusal is unreasonable in the circumstances.
Reasonableness is assessed case by case and takes into account factors such as urgency, intrusiveness, compensation for availability, the employee’s role, and their personal situation (e.g. caregiving responsibilities). Disputes must be handled internally first, but can be escalated to the Fair Work Commission, which can issue stop orders and enforce remedies. Penalties for corporate breaches can reach up to AUD 93,900.
What this means for professional services firms:
Firms that expect flexible availability from their teams—especially in client-facing roles—need to reassess how after-hours expectations are communicated and managed. A formal policy will help avoid misunderstandings and protect both the business and its staff.
Action points:
- Review internal communications policies and clarify after-hours expectations.
- Train managers on how to handle the Right to Disconnect appropriately.
- Document processes for handling disputes in line with Fair Work guidance.
- Plan for implementation before 26 August 2025 if your business has fewer than 15 employees.
Mandatory ransomware reporting & policy reforms
As of 30 May 2025, mandatory ransomware payment reporting became law under the Cyber Security (Ransomware Reporting) Rules 2025. Businesses with annual turnover above AUD 3 million must report any ransomware payment to the Australian Signals Directorate (ASD) within 72 hours of making it.
Importantly, a broad definition applies, covering cryptocurrency, vouchers, or services exchanged for stolen or encrypted data (homeaffairs.gov.au). An initial six-month "education first" phase (ending 31 December 2025) will provide guidance rather than impose penalties.
Professional service firms handling sensitive client data should consider updating their incident response plans. These updates should include clear procedures for ransomware payment decisions, ASD reporting, and communications with clients and regulators.
What this really means for professional services firms:
Mandatory reporting significantly increases the regulatory responsibilities of professional service firms. It means that firms must not only be prepared to respond rapidly to ransomware incidents but also be fully transparent in their handling and reporting of such payments. Enhanced preparation will be required to protect client trust, maintain regulatory compliance, and avoid reputational damage.
A few actions to implement:
- Update incident response plans to include clear procedures for ransomware payment evaluation and timely ASD reporting.
- Establish clear communication protocols for promptly notifying affected clients and regulators.
- Ensure all staff, especially leadership and incident response teams, understand the new reporting obligations and timelines.
Rising standards for data management and continuity
Standards around data management and business continuity are rising. APRA’s CPS 230 Operational Risk Management standard took effect on 1 July 2025 for banks, insurers and super funds (apra.gov.au). It requires regulated entities to identify critical services, test their continuity during disruptions and manage third-party risks. While CPS 230 applies to APRA regulated entities, it signals broader expectations for all businesses.
Organisations certified under ISO/IEC 27001:2013 must also transition to the updated 2022 version by 31 October 2025 (controlcase.com). The new version streamlines controls and adds areas like cloud security and threat intelligence.
What this means for professional services firms:
Law, accounting and consulting firms handle sensitive data and rely heavily on cloud systems. Reviewing data management and business continuity plans now will help maintain client confidence and keep pace with rising standards.
If this impacts your firm you should:
- Review how you protect and back up critical data.
- Check that your business continuity plans are up to date and practical.
- If ISO 27001 certified, plan the transition to the 2022 version ahead of the 31 October 2025 deadline.
What’s New & Emerging This Month in Cyber
Microsoft Copilot Now Pinned in Teams
Microsoft is accelerating the rollout of Copilot across its products—and now, Microsoft 365 Copilot Chat is pinned to the top of the Teams chat list by default. This applies even for users who don’t yet have a Copilot license. It’s a small change with big impact, making AI assistance more visible, accessible, and familiar to a wider group of staff.
This update lowers the barrier for experimentation. Teams can start exploring AI-generated support for writing, summarising, and planning without formal onboarding or configuration. It’s also a nudge for firms still finalising licensing decisions to consider how Copilot fits into day-to-day workflows.
For professional service firms: This feature opens up passive exposure to AI for all team members. It’s worth checking who’s using it—and whether you’re getting value from the tool. If your firm is trialling Copilot or thinking about rollout, now’s a good time to put some structure around training and acceptable use.
Is your firm using Copilot or unsure where to start? Contact the Jam Cyber team for help.
Jam Cyber: New Cyber Onboarding Platform
Jam Cyber has launched a streamlined onboarding platform that helps new team members get up to speed quickly on essential cyber security practices.
The platform includes:
- Baseline training in safe tech use and scam awareness
- Acknowledgement of company policies
- Culture and system orientation
It’s designed to reduce risk and boost employee confidence in the first weeks of employment. Studies show that employees who feel prepared and supported are far more likely to stay in their role.
For professional service firms: If your cyber training is inconsistent or ad hoc, this new tool could help standardise onboarding, reduce early errors, and free up your IT team’s time.
Find out more
AI Agents Just Got More Capable
AI assistants like ChatGPT are becoming more capable and more embedded into everyday business tools. Recent updates now allow AI agents to:
- Handle file uploads: Employees can drop in documents, spreadsheets, or PDFs and ask questions about them, saving time on manual review.
- Connect with third-party apps: AI agents can now integrate with calendars, task lists, and even CRMs. This is enabling smart automation without needing a developer.
- Work from memory: New “memory” features mean AI can retain key preferences and instructions across sessions, tailoring support to each user’s needs.
For professional service firms: These upgrades can help teams reclaim time on admin, document drafting, and client prep. The challenge is setting clear boundaries: what should AI do, and where do human checks still matter?
It is also important for your firm to have policies around which AI agents you use and what you are sharing. If you need support launching a secure AI environment for your team – contact our experts.
Cyber Threats We’re Watching Right Now
Ransomware Reporting, Remediation Gaps & Scams to Watch
July saw a number of technical alerts from the Australian Cyber Security Centre (ACSC), including critical vulnerabilities affecting Citrix NetScaler products. These alerts are particularly relevant for professional service firms that rely on third-party platforms or infrastructure providers.
Action: Ensuring your IT team, or managed service provider, is subscribed to ACSC alerts is a simple way to stay ahead of emerging threats. These alerts should be folded into your firm’s patch management and incident response workflows, with internet-facing systems such as remote access gateways patched first and checked for signs of compromise if the alert indicates the flaw is already being exploited.
Personal devices and unmanaged endpoints
Verizon’s 2025 Data Breach Investigations Report (DBIR) found that 46% of compromised devices containing corporate logins were unmanaged personal devices, compared with just 30% for managed, enterprise devices. This highlights the ongoing risks of bring-your-own-device (BYOD) and remote work arrangements, where personal laptops and phones are used to access work systems. Infostealer malware is a common attack method: attackers harvest credentials saved in browsers and apps on personal devices, then use them to pivot into corporate networks.
For professional service firms, especially those handling confidential client data, this raises serious concerns around data exposure and regulatory compliance.
Recommended actions:
- Implement conditional access rules that check for device compliance before granting access.
- Encourage staff to use company-managed devices for work.
- Consider mobile device management (MDM) tools for BYOD smartphones and tablets.
- Deliver practical training on phishing, software updates, and safe device use.
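The conditional access rule in the first point above, shown as an added example of how it can be defined in Microsoft Entra ID with the Microsoft Graph PowerShell SDK. This is illustrative code added here, not code from the original brief or from Microsoft’s documentation. It assumes an Entra tenant with Intune compliance policies already set up, the Microsoft.Graph module installed, and an emergency-access (break-glass) group whose object ID you substitute for the placeholder shown. The policy is created in report-only mode so that sign-ins it would block can be reviewed before it is enforced.

```powershell
# Added example: an Entra ID conditional access policy that grants access only
# from a compliant (Intune-managed) device AND after MFA. Credentials that an
# infostealer harvested from a personal laptop fail this check because the
# device presenting them is unmanaged.
# Prerequisite: Install-Module Microsoft.Graph -Scope CurrentUser

Connect-MgGraph -Scopes "Policy.ReadWrite.ConditionalAccess", "Policy.Read.All"

# Placeholder (assumption): object ID of your emergency-access (break-glass) group.
# Always exclude it so a misconfigured policy cannot lock every administrator out.
$breakGlassGroupId = "00000000-0000-0000-0000-000000000000"

$policy = @{
    displayName   = "Require compliant device and MFA for all users"
    # Report-only first: Entra records what the policy would have done without enforcing it.
    state         = "enabledForReportingButNotEnforced"
    conditions    = @{
        users          = @{
            includeUsers  = @("All")
            excludeGroups = @($breakGlassGroupId)
        }
        applications   = @{
            includeApplications = @("All")
        }
        clientAppTypes = @("all")
    }
    grantControls = @{
        # AND: both controls must be satisfied for the sign-in to succeed.
        operator        = "AND"
        builtInControls = @("mfa", "compliantDevice")
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
Write-Host "Created policy $($created.Id) in state $($created.State)"

# Check: read the policy back and confirm the grant controls are what you intended.
Get-MgIdentityConditionalAccessPolicy -ConditionalAccessPolicyId $created.Id |
    Select-Object DisplayName, State,
        @{ n = "Controls"; e = { $_.GrantControls.BuiltInControls -join "," } }
```

Leave the policy in report-only mode for a week or two and review the sign-in logs for users and devices that would have been blocked (typically staff on personal devices, which is exactly the population the DBIR figure describes). Once those devices are enrolled or their users moved to managed hardware, switch the policy on with Update-MgIdentityConditionalAccessPolicy -ConditionalAccessPolicyId $created.Id -BodyParameter @{ state = "enabled" }.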
Tax time scams (STILL) on the rise
The ATO reported a 150% increase in impersonation scams over the past year, with 90% of scam attempts arriving via email. Most use spoofed domains and realistic email templates to trick users into clicking malicious links or entering personal details. The ATO continues to stress its official advice: stop, check, and protect.
Encourage your team to use the latest version of the ATO app, which now includes real-time alerts and instant account locking features. It’s also a good time to remind staff to verify any payment or login requests; especially those claiming to come from the ATO, banks, or software vendors.
Key takeaways:
- Revisit internal procedures around invoice approvals and payment requests.
- Use phone call-back verification and secure portals for document sharing.
- Make multi-factor authentication (MFA) mandatory for systems with sensitive data.
- Remind staff that no official agency will request sensitive information via email.
Some Freebies From Us!
Getting your cyber house in order can feel overwhelming; especially when you're juggling client work, operations, and team onboarding. So we’ve put together a few free tools:
1. Free Cyber Security Awareness Training
Head to our Knowledge Hub to access cyber security awareness training designed specifically for Australian businesses. It covers practical, day-to-day threats and helps your team build a strong security mindset. Ideal for onboarding new staff or refreshing long-timers.
Knowledge Hub
2. Free AI Policy Template
If you’re unsure about staff use of ChatGPT and other AI tools – it is worth viewing our AI policy template to help you define safe, consistent usage across your business. It’s written in plain English and designed for small and medium firms.
Contact us and we’ll send it to you.
3. Free Incident Response Plan Template
Don’t wait until an incident happens. Our free Incident Response Plan template helps you prepare for potential data breaches, ransomware events or other cyber attacks. It covers roles, escalation steps, and who to notify—so you're not scrambling when the pressure's on.
Get your Free Incident Response Plan today.
These tools are designed to save time, reduce risk, and give your firm a practical head start on cyber resilience.
Conclusion
This month’s changes around ransomware reporting, employee rights, and system vulnerabilities show that expectations are rising across the board. Whether you're updating policies, onboarding new team members, or reviewing third-party risk, taking proactive steps now will go a long way in keeping your firm secure and trusted.
If you'd like support on any of the areas covered this month, the Jam Cyber team is here to help.