Australia’s Mandate for Security Incident Response: What you Need to Know About the Notifiable Data Breaches Scheme

February 21, 2018 • Resolve Staffer

As an amendment to the Privacy Act 1988, Australia’s Notifiable Data Breaches (NDB) scheme comes into force on 22 February 2018. The scheme requires Australian government agencies and other organizations that hold personal information to notify the Office of the Australian Information Commissioner (OAIC), and the individuals affected, of data breaches that are likely to result in serious harm.

The NDB scheme applies to the businesses, government agencies, and other organizations already covered by the Privacy Act, and it has strong public support. According to the Australian Community Attitudes to Privacy Survey 2017, 93% of Australians do not trust their data being sent overseas, and they overwhelmingly think they should be informed if their data is lost:

  • 94% or more believe they should be notified if a business or government agency loses their information
  • 79% do not want their data shared at all with other organizations

“With such strong nationwide support for mandatory data breach reporting, Australia is taking security incident response seriously with the new mandate,” said Tho Yeong Chien, Resolve Systems’ VP of APAC. “There is a certain level of perceived risk with online services, and people don’t trust that their data is protected. The new scheme just reaffirms security incident response’s importance. Responding to a data breach in the most accelerated way will continue to instill consumer confidence.”

What Needs to be Reported?

An eligible data breach occurs when personal information held by an organization is lost, or subjected to unauthorized access or disclosure, and that loss, access or disclosure is likely to result in serious harm to an affected individual. This covers personal information taken by an attacker as well as personal information mistakenly sent to the wrong recipient.

When assessing a suspected data breach, work through three questions:

  1. Are there reasonable grounds to believe an eligible data breach has occurred? If so, prompt notification is required.
  2. Are there only reasonable grounds to suspect one? Then your SOC must assess the situation and determine whether personal information was actually lost or exposed, and whether serious harm is likely.
  3. Accelerate security incident response by assessing, validating, and responding without delay, so that a breach is contained and reported as quickly as possible.


“By reinforcing accountability for personal information protection, the NDB scheme supports greater consumer and community trust in data management. This trust is key to realizing the potential of data to benefit the community, for example, by informing better policy-making and the development of products and services,” said Timothy Pilgrim, Australia’s Information Commissioner.

Data Breaches Are Not All Notifiable

Identify eligible data breaches, and avoid treating every SIEM alert as a reportable incident, by applying the following criteria:

  1. Was there unauthorized access to, or disclosure of, personal information?
  2. Was there a loss of personal information?
  3. Is the access, disclosure or loss likely to result in serious harm to any affected individual?
  4. Were you unable to take remedial action in time to prevent that likely serious harm? (If effective remediation removes the likelihood of serious harm, the breach is not an eligible data breach.)

SOCs need to think beyond prevention and detection.

There are further exclusions from the NDB scheme. Read more about the exceptions, including notifications already covered by the My Health Records Act 2012, on the OAIC website.

When a notifiable breach occurs, a statement must be lodged with the Commissioner using the OAIC’s established form. Beyond that paperwork, what can security operations teams do?

Accelerate Security Incident Response

Enterprises looking to protect personal information, especially in regulated industries that already lack consumer confidence such as insurance, banking, and finance, need to do more than be alerted to a security incident: they must prioritize the real alerts by validating and responding to them promptly. When 69% of Australians express concern about cybersecurity and privacy, an enterprise-wide automation and orchestration platform that responds to threats as quickly as possible is one way to instill confidence.

“Generally, entities have 30 calendar days to conduct this assessment. However, entities should treat this as a maximum time limit and endeavor to complete the assessment in a much shorter timeframe so that any risks of serious harm to individuals are addressed as quickly as possible,” reaffirmed Timothy Pilgrim in an interview with MinterEllison.

Resolve’s security orchestration and automation platform is the global leader in accelerating security incident response, containing a breach, and executing the response across the entire enterprise.



About the Author, Resolve Staffer:

This post was written by one of the awesome contributors on the Resolve team.
