Mandatory Data Breach Notification Laws: Are You Ready?
From February 2018 Australian companies will be required by law to notify data subjects and regulators in the event of an "eligible" data breach.
Notifiable Data Breach (NDB) implications for email
Email is a critical business communication tool and by its nature contains personal information stored in mailboxes and data archives. However, spear-phishing, ransomware, and impersonation attacks are plaguing organisations, with 90 percent of phishing cybercrime exploits starting with email, making it the single biggest threat vector to businesses and the data they manage. Organisations will be obliged to carry out a security assessment in the event of a suspected breach of their email systems. They will also need to complete the assessment within 30 days of becoming aware of the breach.
Failure to comply with the mandatory notification scheme, would be an “interference with the privacy of an individual, “making the organisation liable for penalties ranging from AUD360,000 to AUD1.8 Million.
Stopping data breaches with Mimecast
- Mimecast provides numerous ways to help prevent data breaches of email systems and facilitate data breach notifications associated with email.
- Mimecast Targeted Threat Protection helps organisations defend against email-borne impersonation attacks, ransomware and phishing, the latter two often use weaponised attachments and malicious URLs. It also defends against internal threats whereby compromised, careless or malicious employees send internal email containing malware to other internal or external recipients.
- Mimecast Content Control & Data Leak Prevention (DLP) capabilities protect organisations against data leakage via email including intellectual property, customer details and other sensitive information. Secure communication policies can be created and applied to outbound traffic in real-time to ensure only authorised recipients can access personal and sensitive information.
- Mimecast cloud archiving offers immutable, encrypted data storage with fine-grained controls to prevent unauthorised access to personal information stored in email archives.
- Mimecast APIs provide real time information to Security Information Event Management (SIEM) tools to identify and prioritise threats to email systems and also facilitates more effective incident management in the event of a data breach.
Learn more and watch this on demand webinar here.
Garrett O'Hara, Principal Consultant from Mimecast will present on the implications of the NDB laws and introduce a framework to help ensure your organisation is ready for the upcoming legislation.
Martin Littlewood, Head of Cyber Security for SecurePay will share industry insights on best practices and lessons learned from some recent breaches.
Kate Carruthers, Chief Data Officer UNSW, will discuss the practicalities of getting ready for the MDB legislation.