Cyber security: Potentially a serious issue for small business

The most common types of threats include Malicious Software (Malware), Scamming Emails (Phishing) and Ransomware

The consequences of a Cyber security incident can be significant.  It could be the loss of critical business information, loss of productivity, or even complete shutdown for periods of time until the issue is resolved.

The Australian Government Cyber Security Centre (ACSC) provides resources and checklists for individuals and families, small and medium businesses, and organisations and critical infrastructure providers.  For more information please refer to their website at Small Business Cyber Security Guide | Cyber.gov.au.

Importantly, businesses operating in Australia are governed by Data Breach Notification Law.  

The Data Breach Notification Scheme in Australia requires organisations covered by the Privacy Act 1988 to notify affected individuals and the Office of the Australian Information Commissioner when a data breach involving personal information is likely to result in serious harm and where the organisation hasn’t been able to prevent or mitigate the likely risk of serious harm with remedial action.  In essence, this requires all data breaches to be disclosed.

If your business is operating in Australia and you suffer a data breach, please do not hesitate to contact Baumgartners for confidential guidance on both your minimum obligations under the law and the best commercial approach you can adopt to protect your business.