Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Data breach mandatory notification for Australia

Varonis Systems : 12 November, 2012  (Technical Article)
Varonis comments on the possibility of Australia falling in line with the USA and the EU with the introduction of compulsory declaration of data breaches
Data breach mandatory notification for Australia

Data governance specialist Varonis Systems has welcomed news that the Australian government is contemplating a mandatory notification rule for any organization suffering a data breach.

David Gibson, Varonis’ Vice President of Strategy, said that the discussion paper issued by the Australian Attorney-General – which seeks comments on whether organizations should be required to report breaches, what kind of breaches should have to be reported, who should be notified, and what penalties should apply for failure to comply – is excellent news.

“The most important aspect of the proposed legislation, apart from the mandatory reporting requirement, is the naming and shaming of those organizations whose security negligence has resulted in customer data leaking out to the Internet and/or being stolen by cybercriminals,” he said.

“This will give ordinary citizens as well as third-party organizations a chance to learn about the data misdemeanors of Australian businesses and public sector agencies, and help them make a choice,” he added.

Gibson went on to say that as virtually every facet of our lives becomes digital, citizens begin to understand the need to protect their data as an asset, in the same way they protect money.

In many ways, he said, money and data are strongly linked, as personal data that is stolen or lost as a result of a data breach is now bought and sold on the identity theft marketplace.

Company data, meanwhile, is bought and sold for industry espionage and competition purposes, as its loss results in public embarrassment and regulatory fines for the organization involved.

The Internet, Gibson explained, has given rise to a new level of transparency and fluidity of information, where companies suffer the ignominy of being named, shamed, and fined and lose business as a result of a breach.

“This is why legislation such as that which is being proposed in Australia is so important. We hope that, if anything, the Australian government imposes strong penalties on the organizations whose carelessness results in a data breach.

“At the very least, this should prompt organizations who fail to protect their structured and unstructured data – perhaps by recklessly outsourcing to a free or low-cost cloud service provider without doing the necessary checks – to re-evaluate their data governance strategy,” Gibson said.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo