The largest IT leadership survey in the world has found that businesses are increasingly prioritising improvements in cyber security, operational risk and compliance.
It’s understandable – cyber threats are globally at an all time high. In Australia we are only just starting to get a picture of the number of significant data breaches that occur. 63 threats were reported to the Office of the Australian Information Commissioner (OAIC) in the first quarter of 2018, 55 of them in March following introduction of new data breach scheme in February.1
Faced with this increasing threat, according to the global IT leadership survey, the number of organisations prioritising improvements in cyber security was up 23% on 2017.
77% of IT leaders admitted to being ‘most concerned’ about the threat of organised cyber crime, up from 71% last year, and only 22% said they were well-prepared for a cyber attack.2
The problem for many organisations today is that they increasingly rely on rich, customer-centric data to drive their business plans and in doing so grow revenue. And the more rich the data is that they hold, the greater the interest for cyber criminals.
Maximising this revenue-driving potential with the need for privacy and security is a delicate balancing act, however the survey found that those that get it – ‘customer centric businesses’ – are 38% more likely to report greater profitability than their competitors.2
To ‘get it right’, KPMG suggests:3
Put customers at the heart of your privacy strategy
Be transparent about the kind of customer information your company holds and how you plan to use it.
Understand that personal data is an asset and a liability
Personal data can create value for your company but breaches, penalties and loss of customer trust can also turn it into a liability.
Technology alone is not the solution
Before considering which solutions to invest in, you must first get the basics right – starting with strong privacy governance.
Be prepared for questions
Avoiding reputational damage is a top priority – ensure your company is prepared to respond quickly and effectively.
Manage your subsidiaries and suppliers
Ensure that every part of the value chain applies the same high standards of privacy – for both customer and employee data.
‘Getting it right’ will require investing in IT experts who can develop and implement a digital strategy that will manage your data security and proactively monitor for threatened cyber attacks. While this may mean reallocating resources that were otherwise intended, it could save your brand reputation and even your business in the future – failures to comply with the NDB scheme can attract fines up to $2.1 million.4
Australia’s data security laws
Australia’s Notifiable Data Breaches (NDB) scheme means organisations that experience a data breach must notify any individuals whose personal information is involved in the breach, if the data breach is likely to result in serious harm to.
This notification must include recommendations about the steps individuals should take in response to the breach. The OAIC must also be notified of eligible data breaches.
The NDB scheme applies to agencies and organisations that the Privacy Act requires to take steps to secure certain categories of personal information. This includes Australian Government agencies, businesses and not-for-profit organisations with an annual turnover of $3 million or more, credit reporting bodies, health service providers, and TFN recipients, among others.1
Time to Focus on IT
Ayers is a leading contractor management, migration and payroll provider. With state of the art IT and proactive IT engineers o board, we are confident that any data we hold on your behalf is secure and protected. If you need to focus on your company’s data security, talk to your Ayers consultant. We can take care of your administrative compliance, leaving you to focus more on your IT.