The Cyber Security Review, led by the Department of the Prime Minister and Cabinet, found that cybercrime is costing the Australian economy up to $1 billion annually in direct costs alone. Some analysts suggest criminal data breaches could cost businesses as much as $8 trillion over the next five years, largely due to higher levels of connectivity without a proportionate level of investment in security.
The Australian Taxation Office (ATO) works with the Attorney-General’s Department, the Australian Competition and Consumer Commission, the Department of Human Services, the Australian Securities and Investments Commission and other government regulatory agencies and departments to combat the growing threat of identity theft and cybercrime.
On 22 February 2018 the government implemented the Notifiable Data Breach Scheme (NDBS), administered by the Office of the Australian Information Commissioner (OAIC). The NDBS requires entities with obligations to secure personal information under the Privacy Act 1988 to notify individuals when their personal information is involved in a data breach that is likely to result in serious harm. These entities must also advise the OAIC of those breaches.
In their first quarterly report published 11 April 2018, the OAIC advised they had received 63 breach notifications in the six weeks since launch. Human error was the cause of the largest number (51%) of eligible data breaches reported to the OAIC in this period.
This suggests that while technical security solutions are necessary for ensuring data security, it’s important to not rely on them alone. Effective cyber security requires business to have sound employee training, policies and procedures. These elements should also be considered in the context of ‘digital supply chains’ within the business, as often business data is shared with third parties.
Find out more at Business Victoria.