Data governance key to combat data loss and breaches
Data governance is key to combat data loss and breaches, according to hybrid data company Cloudera.
Data breaches affecting millions of Australians are on the rise, with the Office of the Australian Information Commissioner (OAIC) recently revealing a 26% increase in breaches in the second half of 2022.
Three quarters of these data breaches were blamed on malicious or criminal attacks alone. Just this week, there were reports of yet another significant breach with Latitude Group, a major financial services provider releasing details of a data hack that has impacted more than 14 million of their customers across Australia and New Zealand.
World Backup Day, taking place this Friday, March 31 is a prompt reminder for Australian organisations and citizens to ensure they have effective measures in place to secure and protect their data.
"For many businesses, data is their new gold. I would like to think of data as the new oil. But just like oil, bad things can happen if there is a leak or spill, or in the case of World Backup Day, a breach," says Keir Garrett, Regional Vice President for Cloudera ANZ.
"However, many organisations continue to struggle with how to effectively manage, govern and secure their data. Establishing strong data privacy and governance policies is important to reduce data exposure and regulatory risk," she says.
Garrett says there are two sides to data privacy and governance categorising sensitive data and ensuring it doesn't fall into the wrong hands.
"A defense-in-depth approach, which involves the coordinated use of multiple security countermeasures to protect valuable data, is crucial to tackle security risks," she says.
"This means that if one mechanism fails, another steps up immediately to thwart an attack.
"Data platforms like Cloudera can make a significant difference in how organisations implement a secure data management policy, by simplifying, streamlining and accelerating data processes to better detect breaches, apply controls, review data lineage and perform audits for enhanced agility and compliance."
Key findings from the Australian Information Commissioner report for the July to December 2022 reporting period include:
- 497 breaches were notified compared with 393 in January to June 2022 – a 26% increase.
- There was a 41% increase in data breaches resulting from malicious or criminal attacks. Malicious or criminal attacks accounted for 350 notifications – 70% of all notifications.
- Human error was the cause of 123 notifications (25% of all notifications), down 5% in number from 129.
- Of all sectors, health reported the most breaches (71), followed by finance (68).
- Contact information remains the most common type of personal information involved in breaches.
- The majority (88%) of breaches affected 5,000 individuals or fewer.
- 71% of entities notified the OAIC within 30 days of becoming aware of an incident.