Tag:Cybersecurity

1
California Proposes Cybersecurity Requirements for Businesses
2
Privacy Awareness Week Part IV – Privacy Priorities
3
Privacy Awareness Week Part III- The importance of being privacy prepared
4
Privacy Awareness Week Part II- Get in the know and get privacy right
5
Privacy Awareness Week Part I- The state of play
6
Proposed cyber ransom bans predicted to cause “catastrophic damage”
7
BANKS AND HACKERS: SECURITY AMONGST ENTITIES
8
Good report card but data breaches are up, with no sign of letting up
9
Australia to be the most cyber secure nation?
10
The wait is over: The Privacy Act Review Report has been published!

California Proposes Cybersecurity Requirements for Businesses

By: Eric Vicente Flores, Avril Love, and Whitney McCollum

In recognition of Cybersecurity Awareness Month in the US, we will be bringing awareness to relevant 2023 cybersecurity updates each week.

On 28 August, the California Privacy Protection Agency (CPPA) published draft regulations regarding risk assessments and cybersecurity audits for consideration at the Board’s September meeting. The draft regulations precede the formal rulemaking process, but provide insight into CPPA’s current priorities.

Read More

Privacy Awareness Week Part IV – Privacy Priorities

By Cameron Abbott, Rob Pulham and Stephanie Mayhew

Given the current privacy reform and cyber threat environment, the question we get asked a lot is – what are the privacy risks that should be assessed in our organisation and how do we prioritise these? Unfortunately this isn’t always a ‘one size fits all’ answer but there are some basic matters you can check as to whether your organisation is considering privacy risks proactively.

Read More

Privacy Awareness Week Part III- The importance of being privacy prepared

By Cameron Abbott, Rob Pulham, Stephanie Mayhew and Dadar Ahmadi-Pirshahid

The APPs require organisations to “take reasonable steps to implement practices, procedures and systems that ensure compliance with the APPs”. Putting your mind to privacy after a data breach or complaint is very much shutting the stable door after Phar Lap has bolted (good luck getting him back!)

Good privacy management starts with a good privacy culture in your organisation. Recommended steps to develop this include:

Read More

Privacy Awareness Week Part II- Get in the know and get privacy right

By Cameron Abbott, Rob Pulham, and Stephanie Mayhew

With the cyber threat landscape significantly evolving, we are seeing companies – large and small – experience attacks. Recent high-profile attacks have shown that these breaches are alarming, targeting a range of sectors. With millions of Australians more concerned about their privacy than ever before, the federal government is making privacy a priority with the Attorney-General’s Department recently releasing 116 recommendations to amend the Privacy Act. The federal government has also made proposals to consider a new Cyber Security Act and strengthen existing laws around this space. 

Read More

Privacy Awareness Week Part I- The state of play

By Cameron Abbott, Rob Pulham, and Stephanie Mayhew

The theme of this year’s Privacy Awareness Week (PAW) is “back to basics”. It’s fitting to consider some lessons arising from recent high-profile breaches affecting millions of Australians, and the consistent messages we’ve been hearing from the Australian Information Commissioner in the midst of those incidents.

Data breaches can happen to anyone. We know cyberattacks can be big business, and sophisticated criminal networks make a good living from these. And if your organisation has taken reasonable steps to avoid or mitigate such breaches, the fact you’ve encountered one will not, of itself, be held against you.

Read More

Proposed cyber ransom bans predicted to cause “catastrophic damage”

By Cameron AbbottRob PulhamStephanie Mayhew and Dadar Ahmadi-Pirshahid

We saw last year how low hackers are willing to stoop to shame companies into paying ransoms, including leaking sensitive information aimed at embarrassing individuals affected by data breaches. As a result we also saw prominent calls for ransom payments to be ‘banned’, to reduce the financial incentives for hackers to target Australians’ personal information.

We are now hearing the flipside to that argument, with AGL Energy warning that a government-imposed ban on companies paying cyber ransoms to hackers could cause “catastrophic damage”.

Read More

BANKS AND HACKERS: SECURITY AMONGST ENTITIES

By Cameron Abbott, Rob Pulham, Stephanie Mayhew and Dadar Ahmadi-Pirshahid

Presumably inspired by the recently released “Honor Among Thieves”, a film based on table-top roleplaying game Dungeons & Dragons, the Australian government invited representatives from the Reserve Bank, the AFP and regulators ASIC and APRA for a three-hour session of cybersecurity roleplay. Further exercises are expected to be conducted with major banks and financial services, and eventually with the aviation sector and other critical infrastructure areas.

Read More

Good report card but data breaches are up, with no sign of letting up

By Cameron Abbott, Rob Pulham, Stephanie Mayhew and Dadar Ahmadi-Pirshahid

[Featured image from a linkedin post of Office of the Australian Information Commissioner made on 3 March 2023]

Shortly after the Government announced their ambition to make Australia a global leader in cyber security, Australia has been named the country with “the greatest progress and commitment toward creating a cyber defence environment” in MIT’s Cyber Defence Index of 2022/23.

However, the Office of the Australian Information Commissioner’s latest notifiable data breaches report paints a different picture. The Commissioner reported a 26% increase in the number of total reported data breaches and a 41% increase in the number of reported data breaches arising from malicious or criminal attacks compared with the first half of 2022. Health service providers and the finance sector were the worst hit, together representing almost a third of reported data breaches.

In releasing the report, the Commissioner once again stressed the need for organisations to collect only the minimum amount of personal information required and deleting it when it is no longer needed. In the report the Commissioner has recommended a number of steps to address the kinds of issues featured in the second half of 2022, including:

Read More

Australia to be the most cyber secure nation?

By Cameron Abbott, Rob Pulham and Dadar Ahmadi-Pirshahid

Not content with merely implementing broad-scale privacy reform, the Government has announced a new position, the Coordinator for Cyber Security to be added to the Department of Home Affairs as a step towards their aim of “making Australia the most cyber secure nation by 2030“.  This would seem to be a rather aspirational target!

The Coordinator will be supported by a National Office for Cyber Security, and their role will be to oversee steps to prevent future cyber security incidents and to help manage cyber incidents as they occur. 

Read More

The wait is over: The Privacy Act Review Report has been published!

By Cameron AbbottRob Pulham and Stephanie Mayhew

The Government has today released the Report of the Attorney General’s Department’s review of the Privacy Act 1988 (Cth). The Government is seeking feedback on the 116 proposals in the Report before deciding what further steps to take. Submissions on the report are due on 31 March 2023. With this timing, it’s possible that we will see the review finalised towards the end of the first half of 2023.

The report can be accessed here.

The proposals made in the Report centre around:

Read More

Copyright © 2024, K&L Gates LLP. All Rights Reserved.