It’s no surprise that cyber security has become headline material for mainstream media over the past few years. The impact of ransomware and major data breaches is widespread causing enormous financial loss to organisations and even putting some out of business. The risk is real and no organisation is exempt.
Recognising the cost to individuals, business and global economics, government legislation is being introduced. The new law ensures the notification of individuals where private data has been put at risk. It requires that individuals be advised of the necessary steps to protect personal data in in the event of a breach and leakage.
New Privacy Law changes – why you need to know about them
In Australia, parliament have passed the Privacy Amendment (Notifiable Data Breaches) Act 2017 (NDB scheme) which comes into force on the 22nd February 2018 and states clear obligations for organisations to report eligible data breaches. This includes the completion of a breach assessment within 30 days, and notification of individuals if a breach is verified. The Australian Information Commissioner must also be supplied with a copy of the assessment.
In the European Union, a new policy is being introduced called the General Data Protection Regulation or GDPR. The impact of this legislation is not limited to only the EU as it applies to organisations that hold, process or facilitate the processing of personal data. Organisations with interests in the EU need to assess the impact of this new legislation to understand their obligations.
Modern Cyber Security
Fortunately, while there’s no such thing as a 100% secure IT system, new technologies can help significantly reduce the risk of breaches and data loss. It’s not enough to just protect endpoints with anti-virus software and block known web threats with a firewall. An effective security solution needs to work to address a wide range of threat vectors (or methods). It needs to protect all devices and locations on the network and provide the necessary visibility to identify threats to stop them or allow them to be quickly remediated if necessary so as to minimise any impact.
While the myriad of security solutions in the market may seem confusing, there are a number of key areas where security solutions can dramatically lower the risk of an attack. However, organisations should conduct a full security assessment to determine which technologies can best address the risks. The most common solutions that can help include:
- Multi-Factor Authentication
- Endpoint Security
- Information Protection & File Security
- Email Security
- Next Generation Firewalls & Cloud Security
- Domain Name System (DNS) Layer security
- Security for Mobile Devices
- Integration and Intelligence
- Compliance & Risk Assessment Tools
Please refer to the full document for a brief security primer that explains how these technologies lower the risk of a successful cyber-attack impacting your organisation.
How can CustomTec help?
There’s no silver bullet when it comes to cyber security, but the technologies described here can dramatically lower the chance of an interruption to an organisations operations and data breaches. Determining which solutions are best for your organisation depends on how your data is consumed and the sensitivity of data.
CustomTec only partner with the leading vendors in cyber security and we have certified experts that can help you determine the best solution and investment to minimise risk to your organisation. If you’d like to discuss how we can help secure your organisation, then contact us today.
For a comprehensive version of this article please email us here