Lunch & Learn series: Notifiable data breaches scheme readiness
Last week Tesserent and Kaspersky Lab co-hosted a series of Lunch and Learn events on readiness for the notifiable data breaches (NDB) scheme, which commences next year.
The keynote speaker for the Sydney and Melbourne lunches was Helaine Leggat from Information Legal. Helaine is a leading expert on Cyber Law, and one of the few lawyers with CISSP, CISM, CIPP and CIPP/IT credentials.
Helaine presented an in-depth overview on what organisations need to consider to be compliant, and activities they should undertake immediately to be prepared. One important point Helaine noted was although the scheme commences next year, organisations should already have systems and processes in place for securing data, and protecting a company’s reputation.
After lunch, Mark Jones and Karen Negus gave insights into how the human factor is often the greatest weakness in cyber security. Almost all data breaches are a result of human error, misconfiguration, malicious activity and so on. The challenge lies in educating and training staff to be aware of security practices both in the office and at home.
Daniel Kadane and Kieren Cook from Kaspersky Lab showcased new updates including the Kaspersky Threat Lookup Service (KTL), and its ability to perform sandbox analysis of suspicious files. They also gave an overview on a recent Cost Of Data Breach study, presenting the tangible cost impact a data breach can have on a companies large, and small.
The topics presented generated many questions and healthy discussion, with the audience debating the challenges around data and identity breaches, and the difficulty adhering to multiple country policies on data security.
The NDB scheme will commence on 22 February 2018. It only applies to eligible data breaches that occur on, or after, that date. If you would like to know how to ready your business for the scheme, please contact Tesserent and we’d be happy to provide guidance on what your organisation can do to be compliant.
For more information
Office of the Australian Information Commissioner information website
Tesserent consulting services
Keep an eye out for future Tesserent events
NDB Scheme Key Facts
• Privacy Amendment (Notifiable Data Breaches) Act 2017. No. 12, 2017.
• Commences 22 February, 2018
• Businesses with annual revenue over $3M+
• Australian, ACT and Norfolk Island public sector agencies and all health service providers
• Organisations will need to be prepared to conduct quick assessments of suspected data breaches to determine if they are likely to result in serious harm.