In 2020, the average cost of a data breach in Australia was $3.35 million, an increase of nine per cent from the previous year. Furthermore, it took businesses an average 211 days to identify and contain the breach if they didn’t have security automation in place. The impact of these security breaches was far-reaching, with 80 per cent of incidents involving the exposure of customers’ personal information. The costs to an individual whose personal data has been intercepted can be devastating, with consequences ranging from financial fraud and identity theft, to psychological and even physical harm. It’s crucial, therefore, that organisations do everything in their power to protect customer information.
But while most organisations understand this in theory, properly securing data is fraught with complexities, with many business leaders unsure of what to do after a data breach, or how to identify one. According to a 2019 report, 47 per cent of Australian SMEs don’t understand their obligations under the Notifiable Data Breaches scheme, while 49 per cent didn’t have a data breach response plan in place, despite the same number experiencing a cyber incident in the last year.
With cybersecurity threats increasing in the wake of the COVID-19 pandemic and large-scale shifts to hybrid work environments, it’s critical that business and IT leaders understand how to identify a data breach and what to do after a data breach occurs.
As is evident in the 2020 IBM data breach report, detecting and containing a breach can be difficult. However, businesses with fully deployed security automation systems, including artificial intelligence (AI), machine learning and analytics, were 27 per cent faster at responding to breaches and experienced less than half the costs compared to companies without security automation.
By deploying these types of security and data breach detection tools to regularly monitor your network for signs of compromise, you can improve your organisation’s ability to quickly and effectively detect breaches. After all, if you know what your baseline traffic looks like, it becomes much easier to identify abnormal activity.
Here are a few signs that your network could potentially be compromised:
Quickly detecting a data breach is only part of the equation – once a breach is detected, it must then be resolved. But as we already established, almost half of Australian small businesses are woefully underprepared.
It’s crucial, therefore, the organisations create a highly detailed data breach response plan. The Office of the Australian Information Commissioner (OAIC) recommends that a data breach response plan follows four key steps: Contain, Assess, Notify, and Review.
The first step upon detecting a data breach is containing it as much as possible by limiting any further access or distribution of the affected personal information and preventing the compromise of other information. To do this, you may need to change access credentials or shut down the affected system altogether.
The next step is evaluating the extent of the damage, and attempting to mitigate it where possible. This means gathering as much information about the breach as possible, and considering whether remedial action, such as recovering lost information or changing credentials on compromised accounts, can be taken to reduce potential harm to individuals.
If the assessment reveals that the data breach is likely to result in serious harm to the individuals involved and remedial action has not resolved this, then according to the guidelines of the Notifiable Data Breaches scheme, organisations must notify the OAIC and the affected individuals.
Notifying individuals about a data breach is a highly important step, not only because it allows individuals to take proactive steps to prevent potential harm to themselves, but because it also helps an organisation repair its reputation. Remember, it never looks good if an organisation is caught covering up a breach, as Uber was in 2017.
Once the data breach has been appropriately dealt with, organisations should then take the time to review the incident in order to reinforce or update security measures to prevent future breaches.
While data breaches are relatively common, there are a number of data security strategies that organisations can take to reduce the likelihood and magnitude of a breach, including:
Ransomware attacks and phishing scams are on the rise, meaning it's more important than ever to ensure that your print and document environment is protected against cyber attacks. Book a free security audit today to find out exactly where your vulnerabilities are and how to mitigate them.