OAIC Data Breach Report
Discover which industries were hit the hardest
As cyber-attacks become more frequent and advanced, it is vital for organisations across all industries to ensure they are doing everything they can to prevent data breaches. The Office of the Australian Information Commissioner (OAIC) recently released its July 2018 quarterly data breach report, revealing that the second most common cause of data breaches was human error. Organisations could save up to millions of dollars annually by investing in adequate security protocols and staff training.
The report outlines data breach notifications in the following industries:
- Business/Personal Associations
- Education
- Legal, Accounting & Management
- Finance
- Health Service Providers
Of all the aforementioned industries, the health care sector reported the most data breaches for 2018 thus far, with 59% of the reportable breaches resulting from human error.
However, what exactly is ‘human error’? The OAIC defines human error as “an unintended action by an individual directly resulting in a data breach.” An example of this is inadvertent disclosure caused by sending a document containing personal information to the incorrect recipient.
Human error makes it easier for other forms of malicious data breaches to take place. IBM estimates that data breaches recorded by healthcare organisations cost them up to $549 (AUD) per lost or stolen record, which is nearly three times higher than the cross-industry average.
Forms of human error data breaches include (but are not limited to) the following:
- Insecure disposal
- Loss of paperwork/data storage device
- Failure to use BCC when sending emails
- Unauthorised disclosure (verbal or non-verbal)
While cyber-attacks are complex, how you prepare your organisation and your staff doesn’t have to be. By ensuring your team are aware of security best practices, you can lessen the possibility of data breaches caused by human error.
Subnet can perform a comprehensive security assessment, and design and implement an effective solution to help protect your organisation from malicious attacks. We’ve leveraged the principles of ‘The Five Knows’, co-authored by Rachael Falk, who leads the Cyber Influence Team in Telstra Security Operations, to generate our health assessment protocol. The Five Knows include:
- Knowing the value of your data
- Knowing who has access to your data
- Knowing where your data is
- Knowing who is protecting your data
- Knowing how well your data is protected
It is essential to remember that cyber threats continue to evolve at a rapid rate; thus, it is crucial to adopt an adaptive security solution that can protect your organisation in the long run.