proactive cybersecurity

(Source – Shutterstock)

Australia’s reactive approach towards proactive cybersecurity

A proactive approach to cybersecurity is what businesses should be looking for to ensure they are well prepared to deal with any cybersecurity problems. Not only does it provide more visibility and preparedness to deal with cyber threats, but it also enables an organization to be in control of its cybersecurity.

Now, a reactive approach is what normally happens when an organization is breached. This includes everything from investigating the breach to restoring their backup to even scanning the system for more vulnerabilities.

The recent data breach in Australia involving Singtel-owned Optus which compromised the data of up to 10 million users, is now being set as a benchmark for how the Australian government plans to tackle data breaches in the future. But the reality is, this is a reactive approach that they are embarking on.

According to a report by Reuters, Australia’s prudential regulator will collaborate with the government and other regulatory bodies for a “controlled process” of data sharing between its regulated entities and Optus.

Apart from Optus, Telstra also experienced a minor data breach. Both incidents are now serving as a wake-up call for regulators and lawmakers. The Australian government is already looking to overhaul consumer privacy rules, including changes that will allow telcos to share government-issued identification documents with banks.

The changes will allow telcos to implement enhanced monitoring for customers affected by a data breach, in addition to fraud detection in the broader financial services sector.

This includes enabling telcos to share government-issued identification documents with banks to allow them to implement enhanced monitoring for customers impacted by data breaches.

“They’ve been carefully designed with strong privacy and security safeguards to ensure that only limited information can be made available temporarily to prevent and respond to cyber security incidents, fraud, scams, and related activities,” treasurer Jim Chalmers said during a media conference, reported Reuters.

However, all these changes and amendments to data regulation could and should have been done even before a data breach had occurred. Taking Europe’s GDPR as an example, the implementation of the law is so strict that a tech company is being fined a huge amount almost every month for the way it uses data.

It remains to be seen how much the telco company will be fined by the Australian government. Currently, Australia’s maximum fine is AUD$2.2 million under its privacy act, an amount many feel is not high enough. In fact, Australia’s Prime Minister wants Optus to pay for the replacement of passports that have been compromised.

While the hacker who claimed to have breached Optus and stole the data has withdrawn their extortion demands after facing increased attention by law enforcement, not all cybercriminals and hackers would do the same.

As such, as the Australian government works toward this reactive approach to cyber breaches, organizations should look to more proactive cybersecurity to securing their organization. Breaches will only continue to occur and businesses need to be sure they are well prepared to deal with them.