itb-au logo
Story image

Law firm warns Australian firms: Get your data breach protection toolkit ready now

25 Jul 2016

Australian organisations are becoming increasingly targeted by 'aggressive' cyber litigation, and may be on the increase with Australia's upcoming mandatory data breach reporting requirements, says law firm Jones Day.

Adam Salter, one of Jones Day's Cybersecurity, Privacy & Data Protection partners, believes that the increase in hacking and the upcoming breach requirement laws, businesses must start getting ready for the mandatory compliance, as the Bill is currently before parliament and seems to have bi-partisan support.

 “Based on our experience in other jurisdictions that have introduced mandatory data breach notification, such as the U.S. and the EU, companies that are not adequately prepared are at greater risk of being sued by their corporate customers (for breach of privacy obligations embedded in their customer contracts) and by consumer customers,” Salter says.

Alastair MacGibbon, the Prime Minister's Special Adviser on Cybersecurity, says that complacency is not an option for anyone in the cyber risk war.

“The Australian government recognises that we must lead by example when it comes to detecting, deterring and responding to cyber threats and risks. But we cannot do this in isolation. It is absolutely critical we partner with and have the support of businesses to drive and implement the initiatives we outlined in our Cyber Security Strategy. Strong cyber defences have much wider ranging implications than most people realise – it has huge benefits to our economy, improves social opportunities of connecting online and boosts our national prosperity," says MacGibbon.

In addition, Mauricio Perez, a New York based Jones Day's Cybersecurity, Privacy & Data Protection partner, says the United States has seen many cases of private class actions and government enforcement since mandatory data breach notification was implemented.

“Data breach notification has the positive effect of providing due warning to potentially affected individuals to enable them to take appropriate steps to guard against identify theft, and other potential harms. Breach notification also means that cyber breaches could now be very public events that can result in private litigation, reputation and brand harm, and lead to governmental investigations, thereby increasing the legal risks to the reporting business," Paez says.

Eddie Sheehy, cybersecurity CEO of Nuix, says data protection must involve an 'holistic' approach, bringing in stakeholders across all organisational departments.

“Building a culture of security in an organisation must be a top priority for executives, starting with an understanding of where the crown jewels are kept and then having a strategy in place to protect them from insider threats," says Sheehy.

How how do Australian organisations comply with data breach requirements? Salter says that a review and improvement of data security, policies and guidelines is the first step, making sure that there are systems to deal with issuing data breach reports to customers and authorities. This also decreases litigation risks, however offshore data and cloud storage could still be issues.

“In particular, businesses should review (or if not already in place develop) risk management and compliance policies and procedures to both prevent data breaches and deal with them, in the unfortunate but increasingly  likely event that they occur,” Salter concludes.

Story image
How to optimise contact centres for 2021 and beyond
As the new year fast approaches, it’s a good time to check that contact centres are ready to handle whatever 2021 has in store, writes MaxContact director of Australia operations Daniel Harding.More
Story image
Epsilon brings multi-cloud networking to enterprises with Aviatrix
"We are excited to partner with Aviatrix to deliver a cloud networking service beyond traditional connectivity. Epsilon Cloud Networking addresses the real challenges in enterprise networking within and across the clouds."More
Story image
Talend and Snowflake announce partnership to deliver data clarity to joint customers
“The combination of Talend and Snowflake enables customers to quickly mobilize their data to achieve better business outcomes, with clean, governed, and accessible data at each stage of their Snowflake adoption."More
Story image
Three steps to achieve a better patient experience using data in the healthcare industry
Introducing new technology to the healthcare industry beyond COVID-19 will be complicated. The only thing that can simplify it is well-organised data insights.More
Story image
D-Link A/NZ launches Wi-Fi 6 PCIe adapter with Bluetooth 5.1
The DWA-X3000 can achieve Wi-Fi speeds up to 2402Mbps (5GHz) + 600Mbps (2.4GHz) and is backwards compatible with 802.11ac/n/g/a/b technology.More
Story image
Beyond prototypes: How 3D printing is moving outside the test lab
The unique ability of 3D printers to construct precise and intricate shapes faster and more efficiently than a manual process represents a compelling point for companies eager to fabricate concepts, models, and bases for existing components. More