How Australian organisations can suffer data breach consequences under GDPR

Europe’s General Data Protection Regulation (GDPR) will soon be implemented, making it important that Australian firms create strategies to prevent cybercrime.

This is due to the stringent security and reporting requirements of the GDP compared to Australia’s new notifiable data breach (NDB).

“The financial and reputational fallout of a data breach has always had the potential to be significant,” stated Steve Hunter, Chief Technology Officer of Asia Pacific at ForeScout.

“However, with the advent of NDB and GDPR schemes, it becomes even more certain that businesses will suffer tremendously if they’re not fully protected and prepared. With potential fines of up to four per cent of global revenue, companies could potentially lose an entire year’s worth of profits because of a single breach.” 

SEE ALSO:

• Cyber breaches have doubled in five years, says Zurich report

• How Australian CISOs and CIOs should frame cybersecurity conversations with the board

• Australia is building GlobalGuard, the world’s first blockchain and AI cybersecurity network

• Read the latest issue of Business Chief, ANZ edition, here

“Connected printers, wearable devices, smart TVs and other personal devices that connect to the company’s network are all possible entry points for hackers. Businesses therefore need to ensure that no device has network access unless it’s properly identified, secured and managed. This process needs to be as automatic as practical and should include ensuring devices are patched and up to date where possible.”

“While the potential financial and reputational impact of a security breach could be massive, it’s important for businesses to stay calm and prepare for the new legislation. This includes hardening security to make the organisation a less attractive target for malicious actors, but also building and testing the response and communication plans for when the organisation is penetrated. “

“It’s also important to remember that, while the NDB and GDPR schemes may seem punitive, they actually exist to protect individuals. As such, organisations that can be seen to comply wholeheartedly with the new legislation may enhance their reputation in the eyes of their customers. Putting the right security measures in place now means the chance of suffering an NDB is lessened. If legislation is what it takes to make companies more security-aware and take appropriate action to improve their security, then that’s not necessarily a bad thing.”