CISOs in Australia Urged to Take a Closer Look at Data Breach Risks
Steenkamp said he has observed that many Australian organisations are yet to assume the "paradigm shifting" view of risk around data estates that is necessary for future data governance, and that local CISOs could soon be caught in the regulatory crosshairs as a new global wave of regulatory action breaks on local shores.
He recommends organisations get on top of data estates using measures like better classifying data records, asking whether data needs to be retained and minimising data through data disposal.
While he said there is awareness in Australia around the nation's Privacy Principles, a lower volume of regulatory action means organisations have not yet "felt the pain" in the form of fines or penalties - like CISOs or board members being held accountable - so the risks of data are not fully accounted for.
If organisations are not addressing the broader risk aspects of their data holdings and putting in place data governance and security controls to minimise and mitigate the risk, Steenkamp said what the UnitedHealth hack shows is that the "viability of the organisation is potentially harmed."
Steenkamp recommended leveraging diagnostics and technologies to help identify where data holdings are and then minimising that data, particularly where it is sensitive data such as health data or personally identifiable information.
While it can be tempting to avoid this by asking if it is really a legal issue or a board issue, Steenkamp said if data is exposed, the first question a board will ask is why they were not informed or given necessary insight into the risks around data.
News URL
https://www.techrepublic.com/article/data-breach-risk-australia/