- 23 April 2019 15:28
Aussie businesses ill-prepared for hackers and data breaches - 9 step checklist for cyber protection
According to Mark Mantakoul General Manager of Allcom Networks – a company which recently launched the innovative data breach package to help Australian businesses navigate cyber risks - securing against cyber-crimes needed to be among the business community’s top priority, yet for many it was not even a consideration. “In today’s digital age, every business in any industry is vulnerable as cyber-crimes like hacking steadily increase,” Mr Mantakoul said. “Internationally, we are seeing an increase in the level of sophistication in cyber-attacks, including cases where hackers have intercepted emails, manipulated invoices and redirected payments to their own accounts. “It is no different here - we are increasingly hearing from companies that have been compromised by ransomware or data breaches. “And unfortunately, most companies take a reactive approach to security, usually only thinking about it after a cybercrime or data breach has occurred which could see them exposed financially and reputationally. “The message is simple - If they don’t start to take preventative action, Australian businesses are putting themselves at risk.” Mr Mantakoul pointed to recent data from the Australian Small Business and Family Enterprise Ombudsman (ASBFEO) and the reports released by the Office of the Australian Information Commissioner in Sydney (OAIC) as evidence of the need for action. The ASBFEO reports that 44% of Australian businesses are not fully equipped to deal with data breaches, while the OAIC reports that since February last year they have received 812 notifications of data breaches occurring. The OAIC report shows 57% of the cyber-attacks on businesses were of malicious or criminal nature, versus, 37% that were human error and 6% system faults. Other OAIC statistics highlight just how simple it can be for fraudsters and thieves to steal and manipulate an individual’s or company’s information, with 85% of data breaches reported containing contact information, 45% containing financial information, 35% IDs and 22% including tax file numbers. Mr Mantakoul said in addition to the potential reputational and financial impact of a cyber- attack, the recent amends to the Privacy Act around notifiable data breaches should prompt businesses to think about the issue before it happens. “Recent amendments to the Privacy Act include an increase in penalties and requirements around notifiable data breaches, which should see businesses introduce measures to not only protect personal information, but focus on those directly affected,” he said. “Not only could ill-prepared businesses unwittingly release sensitive information but could also face irreparable brand reputation damage and financial penalties if they don’t comply with the mandatory data breach notification requirements.” With the amendments to the Act, these penalties will increase from the current maximum penalty of $2.1 million for serious or repeated breaches to $10 million, or three times the value of any benefit obtained through the misuse of information, or 10 per cent of a company's annual domestic turnover. Mr Mantakoul said: “Today, every business sector is vulnerable as criminal hacking steadily increases – across all industries including financial, law, manufacturing, construction, marketing, IT, health and logistics. “Based on the data available, our recommendation for businesses is to improve the security of their systems and technologies, increase cyber security awareness throughout the organisation and be prepared to act immediately in the event an attack occurs.” Allcom Networks has recently launched an innovative cyber security and data breach package – the Data Breach Readiness Solution – which has been designed to proactively prevent and mitigate the damage of data breaches. Uniquely positioned in the market, Allcom’s cyber security and data breach offering is strengthened by its interdisciplinary partnerships with cyber security experts CTRL Group, corporate communications consultants Lighthouse Communications Group to deliver an innovative solution. To assist organisations to proactively protect their systems, they have developed a nine-step cyber protection checklist which can be accessed online at www.notifiabledatabreachsolution.com.au .
Mr Mantakoul said: “By being more proactive, Australian businesses can protect themselves against cyber-attacks, decrease the risk of data breaches affecting their reputation and finances, and save money and time on reactive solutions down the track.”