PICTURED (left to right): Mike McGrath, Director - CACC, Jason Holandsjo, Chief Privacy Officer - Telstra, David Hawkins, Managing Director - SOCOM, Steve Ingram, Senior Partner - Cyber, Privacy & Forensics - PwC, Nick Rieniets, Lead Customer Engineer - Kasada and Serina Gill, Security Product Specialist - Telstra
In this day and age data breaches are not only probable, they are inevitable, according to cyber security experts. How then do businesses prepare themselves and their customers for cyber breaches?
A panel of leading cyber security experts discussed the importance of data protection and awareness of online personal safety during Cyber Security: Are you Cyber Ready?– a CACC event run hosted by Telstra.
It is important to differentiate between a cyber breach and an attack, a breach being a human error that has led to personal or business information being compromised, an attack being a deliberate act to gain access to a company’s information or systems.
TELSTRA SECURITY OPERATIONS TOUR
Despite what many businesses may think, more than 40 per cent of data breaches are the result of human error rather than malicious intent, which is why it is more important than ever to practise cyber safety and have clear protocols for when data breaches occur. With the increasing use of technology, there is also an increased risk of data breaches. These are often perceived to be large-scale hacking incidents but in reality, something as simple as an employee leaving a laptop on the train can result in major data breaches and a company’s intellectual property or customer information being compromised.
The test for companies is how they manage data breaches when they occur.
Steve Ingram from PWC Australia said sharing information about data breaches could be part of the solution. “By being open and honest about data breaches when they occur, we can share information that could prevent these breaches in the future,” Mr Ingram said.
“It also helps companies restore trust with their customers if they are honest about data breaches. People will forgive data breaches but they will not forgive companies who lie about breaches or attempt to cover them up.”
Not only is reporting data breaches favourable, it is also a legal requirement following the introduction of the Privacy Amendment (Notifiable Data Breaches) Bill 2016, which requires government agencies and businesses covered by the Privacy Act to notify any individuals affected by a data breach that is likely to result in serious harm.
Nick Rieniets from Kasada said businesses needed to understand their vulnerabilities when it came to cyber security and to act quickly in the event of a breach.
TELSTRA SECURITY OPERATIONS TOUR
“It comes down to how you respond in a crisis and it is all about immediacy, if you don’t act early, the situation has the potential to become much worse,” Mr Rieniets said.
Data breaches have been brought into the spotlight recently with the Australian Government’s handling of malware attacks during the Census as well as the recent Medicare breaches that saw the personal information of some card holders sold on the darknet.
These cyber attacks exposed vulnerabilities of the Government’s systems, demonstrating just how easy it is for cyber security to be threatened. The poor handling of these situations by the Government has drawn wide public criticism and raised concern about the proposed My Health Records and the Government’s storage of people’s personal information.
Telstra Chief Privacy Officer Jason Holandsjo said cyber security was a crucial consideration for every business.
“Some small start-ups or SMEs may not survive a data breach, so it’s important to invest in cyber security early on and to understand where your vulnerabilities lie,” Mr Holandsjo said.
The Canadian Australian Chamber of Commerce (CACC) is a non-profit organisation that aims to bring businesses together to facilitate strong economic trade & investment between Canada and Australia.
CACC Communications Committe