We’re living in the Wild West of cybersecurity. Unless you’ve been hiding under a rock or taking a digital detox, you already know that headlines are dominated by a seemingly endless stream of security breaches. And we’re not talking about minor security events, either.
Last week, Marriott reported that security issues exposed the data of a whopping 500 million guests. The breach had roots as far back as its 2015 acquisition of Starwood Hotels, leading many experts to say the situation could have been avoided altogether. A few days later, former Silicon Valley darling Quora fessed up to a breach affecting 100 million users. Meanwhile, Dell is busy reassuring the world that an attempted hack didn’t result in any compromised data.
And that’s all in the last week.
Everywhere you look, there’s a new cybersecurity hack, attack or breach wreaking havoc on modern businesses. So when the Office of the Australian Information Commissioner (OAIC) recently reported that the nation’s data breach numbers are holding steady, it’s tempting to think of that as a major win. But like cybersecurity itself, it’s not that simple. Here’s what you need to know about the latest OAIC report—and why simply holding steady isn’t enough.
Highlights Of OAIC’s Latest Report
In its just-released report from the mandatory data breach notification scheme, the OAIC delivered a number of findings on the state of Australian cybersecurity. The most headline-worthy statistic was that Australian organisations reported 245 data breaches between July and September—a number on par with records from the three months prior. Those breaches were smaller in scale than in previous analyses, with the largest one hitting 100,000 to 250,000 users. In the quarter beforehand, the largest attack affected millions.
A few other key findings from the report:
Roughly 1 in 5 data breaches occurred from sending personal information to the incorrect recipient, whether via email, fax, mail or otherwise
Nearly 20% of the data breaches were attributed to phishing, which isn’t surprising given that 63% of data breaches occur due to compromised passwords
The health and finance industries were most affected by data breaches, a finding in line with global cyberattack trends
In the report, officials also raised the need for more robust training, processes and security systems.
The Bigger Picture On Australia’s Cybersecurity Landscape
Earlier this year, Australia ranked 5th globally in the number and severity of security breaches. At that point, it had 24 breaches, exposing a combined 20 million+ records. Meanwhile, a study by Osterman Research found that Australian firms are spending 26% less than firms in the U.S., U.K., Germany and Singapore on IT security. And over in West Australia, the government was found to be using weak passwords that put important data at risk. What does all this add up to? A complex landscape that requires continually evolving strategies, not static ones.
Don’t Let Your Organisation Become Another Statistic
At OBT, we take a three-prong approach to helping Australian firms prevent attacks and data breaches. By incorporating inspection, detection and protection into your ongoing strategy, we empower you not only to respond effectively when security threats arise, but to keep breaches from happening in the first place. Holding steady is better than losing ground, but understanding how to prevent data breaches is the real key to shifting the power from hackers back to organisations themselves.
Contact OBT today to explore how our full risk assessments, ongoing training and analysis, remote working security and managed internal and external threat protection can ensure your organisation makes headlines in a good way—not as the source of yet another avoidable breach.