The financial sector is one of the most threatened by data breaches - InvestorDaily

The financial sector is one of the most threatened by data breaches – Usdafinance

The data breach notification system was established over a year ago when it became a legal requirement for entities to carry out an assessment whenever they suspect there has been a breach. data breach.

The report, which looks back over the past 12 months of the program, reveals that the financial sector has the second highest number of data breach notifications under the program.

In 12 months, the NDB reported 964 notifications, 134 of which came from the financial sector, with human error accounting for 41 percent of data breaches.

“The consistent presence of the healthcare and financial sectors at the top of the ranking throughout the year likely reflects the scale of data banks, the volume of processing activities and/or the sensitivity of personal information held by these sectors, as well as better preparedness to report data breaches,” the report states.

The system is clearly working given that data breach notifications increased from 127 under the voluntary system in 2018-19 to 722 under the mandatory system.

The report also acknowledges that the financial sector has achieved significant financial rewards for cybercriminals, which it attributes to the increase in attacks in recent years.

“As a result, a high proportion of breaches in the financial sector (56%) were attributed to malicious or criminal attacks,” it says.

Despite this, contact details were the most common form of personal information disclosed in data breaches, accounting for 86% of notifications.

More than half of all breaches (60%) at regulated entities were attributed to malicious or criminal attacks, with phishing remaining the most common method.

There were also 28 percent of cyber incidents where credentials were obtained through unknown means because the entities had not detected any phishing-based compromise.

Fortunately, 83% of breaches affected fewer than 1,000 people, with most attacks affecting only one person, but there were 19 attacks that affected an unknown number of people.

Australian Information and Privacy Commissioner Angelene Falk, who manages the program, said many entities were actively engaged in the project to create best practices.

“Many entities have taken a proactive approach in engaging with the OAIC, and we have been able to work constructively with them in their response.

“As the year progressed, some maturation emerged in entities assessing the likely consequences of a data breach and in their subsequent notification processes,” she said.

Going forward, Ms. Falk said she expects entities to take proactive steps to prevent violations.

For the financial sector, steps are already being taken with the introduction of APRA’s Prudential Standard on Information Security, which will help ensure the financial sector is resilient to information security incidents.

“I encourage entities regulated by the Privacy Act to review the report and use lessons learned to improve their prevention and response strategies for the benefit of all Australians,” Ms Falk said.

More From Author

HAFF delivers strong response in first round with $9.2 billion commitment - InvestorDaily

HAFF delivers strong response in first round with $9.2 billion commitment – Usdafinance

An AI wave to put infrastructure themes into hyperdrive – Usdafinance

Leave a Reply

Your email address will not be published. Required fields are marked *