What was the Optus Data Breach all about?
On the 22nd of September, hackers targeted Optus customer information and requested a $1 million ransom fee, which has been coined the Optus data breach. Optus was slow to respond to the threat and refused payment, compromising many clients’ private information, including passport and driver’s licence numbers, dates of birth and addresses.
It’s not news that Australian data security regulation laws lag much of the developed world by over a decade. While there is substantial funding and provisional powers for regulators such as ASIC to hold large companies to account, the comparatively lean funding and ability to fine and prosecute for information mishandling is vested with the Office of the Australian Information Commissioner (OAIC). Hence there is not the same risk for organisations of punitive action for mishandling data as for financial fraud. Obviously, that’s about to all change.
How will this impact cybersecurity in the future?
It has certainly highlighted the need to introduce more assertive policies and regulations of data security. We can certainly expect to see a broadening of powers to existing regulators such as O
IAIC and maybe the creation of other offices to tighten data security practices. Companies and businesses can expect a shift in IT infrastructure and data management compliance requirements. Thus, executives should evaluate whether they have the existing skills and capital to navigate the legal and technical implications of these changes.
Whose job is cyber security in your business?
Cyber security tends to sit between legal and IT disciplines and is becoming more central to company operations as the world digitalises its services.
How can Clearpoint help?
As corporate law and governance experts, we help boards and executives hire right and fill skills gaps. With our outsourced legal counsel business model, you get the advantage of dealing with the same lawyer every time (versus a rotation of faces in a firm or having to hire internally and paying a full salary plus associated overheads), and we have the benefit of compiling an in-depth understanding of your company’s workings, providing faster response to regulations changes. In this way, we’re clear on how new legislation impacts the specifics of your business and can take quick action to respond.
Your data won’t protect itself!
When it comes to Cyber security, taking preventative action is paramount. We encourage business owners planning for the new year to seriously consider the implications and lessons of this incident. To understand more about your obligations and ensure you have the right expertise in your board meetings, don’t hesitate to speak with one of our commercial lawyers today.
To learn more about our unique service model, have a look here.
Book your free discovery call to consult with an accredited lawyer.