The Ramifications of Cyber Hacks are about to increase dramatically

March 2, 2018

February 22 saw the introduction of Australia’s notifiable data breaches (NDB) scheme.

The scheme requires notification of unauthorised access to, disclosure of, or loss of information likely to result in serious harm.

The scheme will apply to Australian Government agencies, businesses and not-for-profit organisations that have an annual turnover of more than $3M, private sector health providers, credit reporting bodies, credit providers and entities that trade in personal information and tax file number recipients.

The NDB scheme means businesses cannot keep silent on data breaches and hope for the best. Any breaches must now be reported to both the Office of the Australian Information Commissioner and people affected.

Leading Cyber insurer, Emergence, believes a wide range of entities are at risk and the statistics are horrifying. For example;

  • 63% of confirmed data breaches involved leveraging weak, stolen or default usernames
  • 22% of small businesses breached by ransomware attacks were so badly affected they could not continue operating
  • 41% of people surveyed globally could not identify a phishing email; 30% of phishing emails were opened and 12% clicked on infected links or attachments

Organisations will be obliged to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm. The notification must be given to the individual and include recommendations about the steps individuals should take in response to the breach. The Office of the Australian Information Commissioner must also be notified.

A cyber insurance policy is one way to improve your business’s risk management framework. Cyber insurance is not the first line of defence; it is designed to protect a business when it’s IT security, policies and procedures fail to stop an attack.

For more information on the NDB or Cyber insurance, please call and speak to one of our experienced brokers.