Responding To A Data Breach

It is coming up to the weekend and everyone is starting to relax; the beer and champagne are coming out and everyone is talking about their weekend plans. I see some senior leaders gathering and going in and out of meeting rooms. Uh oh, something is definitely going on. I hope it is not because my time sheet was late. The senior leaders are starting to look more worried and appear a bit lost.

I have now been told my presence is required at a meeting. I am definitely feeling anxious; it is not about the time sheet, it is something worse. It is 4pm, I have had a long week and I just want to go home. I walk into the meeting room and a few faces look at me in shock. “We have been breached.” Well, that was that: we have been breached. We will need a team to work over the weekend to assist with this incident. We are going to need a plan, we are going to need to identify what went wrong, what data has been breached and what we are going to say to our clients. We are a newly formed company, and this is not good for our reputation.

This story sets the scene for what does happen within organisations, and it sometimes does happen on a Friday afternoon; unfortunately, that is just the nature of the business. Everyone is puzzled as to how this could have happened, because it has never happened before. But how can they be so sure it has not?

Data breaches pose a significant risk to organisations within Australia. Each one represents a company that has failed to protect confidential data, opening a gateway to fraud and data exfiltration. A data breach is an incident in which sensitive information is accessed, viewed or stolen by an unauthorised party. Both the company and the consumers whose data is exposed are affected.

The internal dialogue starts going through everyone’s heads: what happens now, and how does the organisation deal with this? The answer is that Australia has now implemented laws that mandate notification to the Australian Information Commissioner, and communication to the affected individuals, once a company becomes aware of an eligible data breach, that is, one that is likely to result in serious harm to the people whose data was involved. Notification must be made as soon as practicable. Companies can no longer keep quiet or try to bypass a public announcement, as notification is now required by law.

These mandatory notification laws bring the Australian standard into line with other countries around the world that have implemented similar requirements.

Australian organisations want to earn their clients’ trust. They want to demonstrate that they take privacy and security seriously by implementing the appropriate security controls. Addressing data breaches openly in the Australian market will raise awareness and help the industry mature.

In the event of a data breach, organisations will have either their own internal security team or an external consulting firm perform the investigation: determine what went wrong, establish what data was compromised (and for which individuals, since that drives the notification obligation), preserve the logs and other evidence needed to answer those questions, and produce a response strategy, as well as a road map to uplift the company’s current security posture.

Breaches are becoming more frequent and more visible as the world moves towards a digital economy. Regulations have been put in place to help mitigate the risk these attacks pose.

The size of the company, big or small, does not matter. All companies are at risk of a data breach; what sets them apart is how they respond and what they do on a day-to-day operational basis to stay ahead of the cybercriminals.

Karissa Breen has a background in cybersecurity, financial services and consulting. She is currently working as an account executive for Green Light, a provider of IT services to system integrators, telcos, consultancies and defence organisations. Karissa publishes her own IT blog.