What Would You Rather - Compliance or Catastrophe?
Australia is facing a catastrophe of epic proportions in 2019 simply because we Australians don’t take our IT security seriously. We simply go about our daily lives believing either that it is someone else’s problem or that we are getting around to it.
In an ABC News article of 20 Feb 2019, “Cyber Attacks by Foreign Governments, malicious companies and enterprising hackers is on the rise. And the biggest problem is you”, Michael Connory, Chief Executive of Security In Depth, said: “Ninety per cent of cyber-attacks worldwide begin with an email. Most organisations don’t really look at their email security that carefully. Everybody is vulnerable. Australian organisations have no idea how vulnerable they are.”
Further, after a recent cyber breach of the Federal Parliament’s computer network and a warning from one of Australia’s most senior military figures that the threat of similar attacks is on the rise, experts are pleading with Australian businesses to take the threat seriously.
But we don’t, do we?
It is just like the past: drink-driving laws were created to make us comply, and they were not taken seriously. Fines didn’t stop us and loss of licence didn’t stop us, so safety locks had to be implemented. New compliance laws have been brought in recently: blow 0.05 and instant loss of licence.
What is wrong with us? When are we going to learn and understand that our complacency has created all the compliance laws that we detest?
Are you aware of the data breach laws that came into effect in Australia in 2018? Yes is your most likely answer. Have you created a Defence Plan, which is one of the requirements? Silence is what we often hear…
Given that we are so lazy, the Federal Government is deciding for us how we will be reprimanded if we don’t start to take this seriously, including:
- The maximum fine for breaches under the Spam Act could amount to $2.1 million per breach per day
- Fines for breaches under the Privacy Act have increased from $360,000 to $420,000
If you have cyber security insurance in place, you MUST show that you have been compliant and have taken steps to put a Defence Plan in place before any Cyber Insurance Policy is paid out.
A Defence Plan is involved, and it is complex to put together. So where do you start?