We have joined forces with One Direct Advisory, expanding our services to include expert advice across business strategy, finance, corporate structuring, governance and HR. Find out more here.

Cyber Security, Protecting Your Assets

CYBER Attack and Privacy Breach – Still think it doesn’t affect you?

Last month we published the first in a series of articles focussed on cyber attacks, privacy breaches, the possible impact on organisations and what you can do to protect yourself.

There has been significant public and media attention as a result of recent high profile data breaches such as those impacting LinkedIn, Adobe, Optus, Kmart, Yahoo and Ashley Madison. These are large organisations which can lead to the belief amongst SME’s that are simply ‘aren’t a target ‘. However, the facts show that no organisation is too small to be targeted, with 60% of all attacks aimed at SME’s. In fact many attacks are automated to capture anyone they can.

Last month we outlined some steps to mitigate the risks of an attack. Despite taking these steps, as evidenced by recent attacks on large organisations, a cyber breach is still a significant exposure to any organisation, large or small. We would strongly encourage business owners to take up a Cyber Liability Policy which is an extremely cost effective method of transferring the risk to an insurer and having immediate access to professional support following a breach.

There are three really good reasons to both mitigate the risks and insure against them. Firstly, to ensure you are protected against the direct and third-party costs of and breach. Secondly to have immediate access to professional breach support via your insurer. Thirdly, the ‘Privacy Amendment (Notifiable Data Breaches) Bill 2016’ was passed in the Australian Parliament on the 13th of February 2017. The bill amends the ‘Privacy Act 1988’ to introduce a mandatory data breach notification regime. The notification regime is a significant change to the data breach notification obligations of organisations holding personal information. The bill is likely to commence 12 months after it receives Royal Assent, which is expected soon.

This is no longer an emerging risk for organisations; it is real and significant both in terms of reputation, costs and legislative requirements. Next month we will detail the extent of insurance cover available along with some real life examples of SME breaches. We will follow this with an article on the Privacy Amendment Bill and how it impacts organisations.

In the interim if you want to find out more, contact Nathan Corrigan at Insurance House, (02) 8913 9137 or nathan.corrigan@ihgroup.com.au.

Copyright 2021 @ PBL Law Group