Just this morning, we’ve seen the publicity regarding the contractor breach exposing 50,000 Aussie government and bank staff records. And recently, much media attention was given to the theft of confidential technical information about new fighter jets, navy vessels, and surveillance aircraft from an Australian defence contractor.
In February 2018, new legislation for mandatory data breach notifications will be introduced as an amendment to the Australian Privacy Act. This amendment will apply to all organisations required to comply with the Australian Privacy Act 1988 and could result in penalties for non-compliance of up to $1.7M for organisations and $300,000 for Directors.
The recent data breach at US credit reporting firm Equifax provides a valuable lesson.
Although the term “lessons learned” is commonly heard now, many organisations, certainly in Australia, do not actually utilise this valuable opportunity for risk management.
ICT leaders can demonstrate the value of ICT by informing other executives within their organisations of the risks and success stories associated with projects and, by promoting learning for the governance function.
Clearly identified project benefits and a benefits review are key to achieving the best return on investment for your organisation.