Archive: April 2016

Australian Government releases Cyber Security Strategy
Privacy Commissioner releases a Guide to deal with data breaches
Event: Learn With Us – Update on Cybersecurity

Australian Government releases Cyber Security Strategy

By Cameron Abbott and Giles Whittaker

Cybersecurity appears to be a new popular expenditure, particularly in Australia, as Malcom Turnbull announces his government’s new Cyber Security Strategy initiative budgeted to cost $230 million over 4 years in addition to the $400 million allocated in the 2016 Defence White Paper over 10 years.

So what do we get for all that money? The government has announced their 5 themes of action over the next 4 years which includes:

  1. a national cyber partnership;
  2. strong cyber defences;
  3. global responsibility and influence;
  4. growth and innovation; and
  5. a cyber smart nation.

This will include the funding to establish a Cyber Security Growth Centre through a National Innovation and Science Agenda. The Growth Centre is intended to serve as an innovation hub which will identify and prioritise cybersecurity challenges and identify opportunities for Australia to build globally competitive commercial solutions.

Cybersecurity is grabbing global attention and the Turnbull government has appointment their first Cyber Ambassador. The role of the Cyber Ambassador will be to identify opportunities for practical international cooperation and ensure Australia is situated to take advantage of new commercial opportunities.

Small businesses are often left exposed to hackers due to a lack of resources allocated to cybersecurity and, are targeted for their potential provide a back door to other companies, are often targeted. Turnbull’s no business left behind strategy sees small businesses being allocated $15 million in grants to have their systems tested and improved by The Council of Registered Ethical Security Testers (CREST).

For further information access the government’s plan here.

Privacy Commissioner releases a Guide to deal with data breaches

By Cameron Abbott, Rob Pulham and Simon Ly

On 11 April 2016, the Privacy Commissioner released a guide to deal with issues associated with data breaches. This is aimed at entities regulated by the Privacy Act 1988 (Cth) in order to assist them with complying with the Australian Privacy Principles.

When (and it is likely to be a matter of when and not if) your entity is subject to a data breach, whether it be through your system being hacked or if devices are lost or stolen, it is important that you are equipped to deal with it. It is important to get in front of such problems and have pre-prepared action plans given that it is likely that the first 24 hours will be the most crucial in determining your level of success in dealing with a data breach. Data breaches can be expensive, both in a monetary and reputational sense.

In the guide, the Privacy Commissioner highlighted that a written data breach response plan is an important tool to help deal with such issues. Such a plan should include:

  • actions to be taken if a breach is suspected, discovered or reported by a staff member, including escalation measures;
  • the members of the data breach response team; and
  • the actions the team are expected to take.

Such a plan needs to be regularly reviewed and updated, with all relevant staff kept up to date so that they know what actions they are expected to take.

The Privacy Commissioner suggests the following four steps to be taken when a data breach is discovered:

  1. contain the breach and do a preliminary assessment;
  2. evaluate the risks associated with the breach;
  3. develop a plan for notifying affected individuals and consider what information should be in any notification; and
  4. determine steps to be taken to prevent future breaches.

For more information, please feel free to contact us. You can find out more information on practical steps you can take here.

Event: Learn With Us – Update on Cybersecurity

2016 is shaping up to be another big year for developments in cybersecurity and privacy.

We finally expect to see mandatory data breach reporting laws introduced into Australia; there are continuing developments in relation to the US/EU “Safe Harbor” framework and its proposed replacement the “Privacy Shield”; ever-growing connectivity between “Internet of Things” devices; hackable cars; self-driving cars; and of course our favourite topic, drones.

Not to mention the increasing usefulness of data analytics and the steady migration of data into the “cloud”, along with data breaches that have become too prolific to list.

Join Cameron Abbott, Partner, and Rob Pulham, Senior Associate, in our Melbourne office Thursday 14 April 2016 12.45pm to 2.00pm for our annual update on all things cybersecurity and privacy, where we will:

  • highlight some of the key developments over the past 12 months
  • consider how your business should be placed to handle issues that are regularly arising in practice
  • look forward to the (near) future and what it may bring.

Lunch will be provided. We hope you can join us – please register here.

CPD/CLE points:
You can claim one substantive law CLE point for your attendance at this session.

Copyright © 2019, K&L Gates LLP. All Rights Reserved.