Data protection and cyber security
At PICA Group, we take data protection and cyber security very seriously. That’s why we spend almost $1,000,000 a year on protecting your data.
We use a risk-based approach to ensuring all your information is secured in the Cloud and cyber space. This means we regularly evaluate risks and security priorities, and take proactive measures to common threats such as:

Ransomware

Data leakages

Business email compromise

Third-party breaches

Cryptomining

When you see this lock icon on a PICA Group website or management system you can be assured knowing your data is safe with us.
We do this to make sure the personal data you trust us with (including names, email addresses, phone numbers, home addresses and financial information) does not end up in the wrong hands.
World-class methods and security partners
To keep your data safe, we follow proven cyber security methods and best practices that are considered of a high standard both in Australia and across the world – US National Institute of Standards and Technology, Australian Signals Directorate Essential Eight, Australian Notifiable Data Breach scheme, Information Security Management System ISO 27001.
We also work with well-known tech and cyber-security vendors to ensure our cyber security measures are up-to-date and as strong as possible.
Protecting your data is our priority
We currently do the following to keep your data safe and sound:
- Use multi-factor authentication
- Invest in high quality 24/7 cyber security monitoring, detection and response solutions
- Proactively identify and protect against possible threats
- Detect attacks and unusual activities, and deal with them as a priority
- Ensure your data is only stored in Australia or “safe harbour” countries
- Conduct regular IT security penetration tests and audits
- Organise regular third-party audits to ensure anything missed during an internal audit is addressed
- Organise role-based access controls to ensure staff members can only access data that is necessary for their responsibilities
- Provide staff who access your data with regular training on cyber security threats, policies and procedures
- Invest in world-class cyber insurance to cover against risks.