Security News > 2024 > May > CISOs in Australia Urged to Take a Closer Look at Data Breach Risks
Steenkamp said he has observed many Australian organisations are yet to assume the "Paradigm shifting" view of risk around data estates that is necessary for future data governance, and soon, local CISOs could be caught in the regulatory crosshairs as a new global wave of regulatory action breaks on local shores.
He recommends organisations get on top of data estates using measures like better classifying data records, asking whether data needs to be retained and minimising data through data disposal.
While he said there is awareness in Australia around the nation's Privacy Principles, a lower volume of regulatory action means organisations have not yet "Felt the pain" in the form of fines or penalties - like CISOs or board members being held accountable - so the risks of data are not fully accounted for.
If organisations are not addressing the broader risk aspects of their data holdings and putting in place data governance and security controls to minimise and mitigate the risk, Steenkamp said what the UnitedHealth hack shows is that the "Viability of the organisation is potentially harmed."
Steenkamp recommended leveraging diagnostics and technologies to help identify where data holdings are and then to go about minimising that data, particularly where it is sensitive data such as health data or personally identifiable information.
While it can be tempting to avoid this by asking if it is really a legal issue or a board issue, Steenkamp said if data is exposed, the first question a board will ask is why they were not informed or given necessary insight into the risks around data.
News URL
https://www.techrepublic.com/article/data-breach-risk-australia/
Related news
- Dell investigates data breach claims after hacker leaks employee info (source)
- Disney ditching Slack after massive July data breach (source)
- A data leak and a data breach (source)
- U.S. govt agency CMS says data breach impacted 3.1 million people (source)
- Dutch Police: ‘State actor’ likely behind recent data breach (source)
- Comcast and Truist Bank customers caught up in FBCS data breach (source)
- Internet Archive hacked, data breach impacts 31 million users (source)
- Internet Archive data breach, defacement, and DDoS: Users’ data compromised (source)
- Fidelity Investments says data breach affects over 77,000 people (source)
- Fidelity Data Breach Exposes Data of Over 77,000 Customers (source)