CURRENT AS AT 5 OCTOBER 2018
We are all very aware of how technology, the internet and cloud-based software have changed our businesses and our daily lives.
An unfortunate consequence of this advancing technology is the increase in cyber criminals and cyber-attacks.
The Australian Cyber Security Centre (ACSC) in its 2017 Threat Report revealed that 47,000 major cyber security incidents occurred over the past financial year, a 15% increase from the year before.
A cyber attack can become very expensive for businesses. The financial toll of a cyber attack should be a sufficient motivator to prioritise cyber security. A cyber security specialist estimated that 60% of businesses go out of business within 6 months of a major cyber breach.
As an example, a denial of service attack could cost a business on average up to $180,000 to recover from. The average time to recover from a cyber attack was 3 weeks, but some smaller businesses can take a lot longer to recover.
To protect your business from a cyber-attack, we implore you to talk to your IT specialist. Engage them to do an audit of your IT system, including your online security, password protection, server protection, remote access, website, etc.
Do you need to consult a cyber security specialist to review your systems and help to put in place a solid cyber security framework?
We also suggest you talk to your insurance broker. Does your business interruption insurance cover cyber-attacks? Do you have business interruption insurance? Do you need cyber security insurance as well?
In addition to the significant inconvenience and expense of a cyber-attack, some businesses are now also required to report a breach of data security.
Under new Notifiable Data Breach legislation (part of Privacy Act amendments) applicable from February 2018, some businesses will be required to report a data security breach to the Privacy Commissioner as soon as they become aware of the breach.
This new legislation applies to organisations governed by the Privacy Act:
- most organisations with an annual turnover of more than $3 million
- businesses with turnover of less than $3 million which:
  - handle personal information of customers, e.g. credit reporting information, tax file numbers or health records (includes medical practitioners, chemists, gyms, lawyers, accountants, financial planners, etc.)
  - sell or purchase personal information
- any related businesses
There are significant penalties for businesses that fail to comply, including:
- public apologies
- compensation payments up to:
  - $360,000 for individuals
  - $1,800,000 for organisations
If you have any queries in relation to the above, don’t hesitate to contact your client manager.
THIS NEWSLETTER HAS BEEN PRODUCED BY STANLEY & WILLIAMSON AS A SERVICE TO ITS CLIENTS AND ASSOCIATES. THE INFORMATION CONTAINED IN THE NEWSLETTER IS OF GENERAL COMMENT ONLY AND IS NOT INTENDED TO BE ADVICE ON ANY PARTICULAR MATTER. BEFORE ACTING ON ANY AREAS CONTAINED IN THIS NEWSLETTER, IT IS IMPERATIVE YOU SEEK SPECIFIC ADVICE RELATING TO YOUR PARTICULAR CIRCUMSTANCES.
LIABILITY LIMITED BY A SCHEME APPROVED UNDER PROFESSIONAL STANDARDS LEGISLATION.