Data protection and cyber security

We take data protection and cyber security seriously

With PICA secure, your data is safe with us

At PICA Group, we take data protection and cyber security very seriously. That’s why we spend almost $1,000,000 a year on protecting your data.

We use a risk-based approach to ensuring all your information is secured in the Cloud and cyber space. This means we regularly evaluate risks and security priorities, and take proactive measures to common threats such as:

PICA cyber security ransomware


PICA cyber security date leak

Data leakages

PICA cyber security business email compromise

Business email compromise

PICA cyber security third party breaches

Third-party breaches


PICA Group cyber security lock

When you see this lock icon on a PICA Group website or management system you can be assured knowing your data is safe with us.

We do this to make sure the personal data you trust us with (including names, email addresses, phone numbers, home addresses and financial information) does not end up in the wrong hands.

World-class methods and security partners

To keep your data safe, we follow proven cyber security methods and best practices that are considered of a high standard both in Australia and across the world – US National Institute of Standards and Technology, Australian Signals Directorate Essential Eight, Australian Notifiable Data Breach scheme, Information Security Management System ISO 27001.

We also work with well-known tech and cyber-security vendors to ensure our cyber security measures are up-to-date and as strong as possible.

Protecting your data is our priority
We currently do the following to keep your data safe and sound:

  • Use multi-factor authentication
  • Invest in high quality 24/7 cyber security monitoring, detection and response solutions
  • Proactively identify and protect against possible threats
  • Detect attacks and unusual activities, and deal with them as a priority
  • Ensure your data is only stored in Australia or “safe harbour” countries
  • Conduct regular IT security penetration tests and audits
  • Organise regular third-party audits to ensure anything missed during an internal audit is addressed
  • Organise role-based access controls to ensure staff members can only access data that is necessary for their responsibilities
  • Provide staff who access your data with regular training on cyber security threats, policies and procedures
  • Invest in world-class cyber insurance to cover against risks.

Helpful resources and services
We care about what you have to say. Share your feedback here.