Why Australian businesses must step up data and IoT security

By Wavelink

The need to comply with data breach legislation means Australian companies must be aware of their obligations and must ensure their own networks are fully compliant, along with the devices and applications of contractors, third parties, and guests that plug into the network.

Internet of Things (IoT) devices pose a particular risk and must be explicitly secured.

Eligible Australian businesses must now report notifiable data breaches (NDB) to the Office of the Australian Information Commissioner (OAIC). The OAIC’s first published quarterly report found 63 breach notifications were received in the first six weeks alone.

With the introduction of Europe’s General Data Protection Regulation (GDPR) in May and other countries, including New Zealand, expected to introduce similar legislation, organisations need to comply with more regulations than ever.

For example, GDPR affects companies in any country that does business with customers in Europe, which means many Australian companies could be subject to the legislation and some might not even know it.

See also:

Hugo Hutchinson, Wavelink’s national business development manager for Fortinet, said: “Businesses can no longer remain stagnant and fail to act on security and compliance. Organisations of all sizes must ensure they’re in line with the new legislation changes and perform due diligence to ensure their networks are protected. Security breaches affect a company’s reputation and may result in significant consequences, with the cost and ramifications following a security breach potentially far more than the cost of initial investment in adequate protection measures.

“Organisations must also realise the value of the data they possess. Contractors, third parties, and guests plugging into the company’s Wi-Fi network must be limited to accessing only the data they require. Everyone, including third parties, must comply with company security policies and practices.”

The Internet of Things (IoT), which includes wearable technology, voice-activated devices, and smart appliances, present organisations with an additional level of concern. They don’t tend to come with built-in security and can present a backdoor for cybercriminals to access company networks either to take over the device itself or as part of a larger attack.

Hutchinson added: “Schools and hospitals are subject to NDB requirements and they tend to be prolific users of IoT devices, as well as having hundreds of users, including guests, accessing their networks. These organisations must operate an appropriate security and compliance system otherwise they may held liable for any breaches that may occur.”

Share

Featured Articles

The world’s biggest chipmaker bets big on renewable energy

Despite the struggle faced by chipmakers to reduce emissions, Taiwan Semiconductor Manufacturing is accelerating renewable energy adoption by 10 years

Uniqlo shakes up leadership amid global retail ambitions

Fast Retailing, the group behind Japan’s Uniqlo, overtakes Gap with soaring profits and is now eyeing accelerated global expansion with executive shakeup

What is the ESG strategy of Chinese automaker Geely Holding?

Chinese automotive giant Geely Holding released its 2022 sustainability report, so what is the car maker’s ESG strategy?

Top 10 best-performing CEOs in Singapore

Leadership & Strategy

Top 10 women behind India’s most successful tech startups

Leadership & Strategy

Top 10 best private members clubs in Singapore and Hong Kong

Leadership & Strategy