Centrify, delivering Zero Trust Security through the power of Next-Gen Access, warns that many Australian businesses need to rethink their approach to security to prepare for the new mandatory data breach notification law taking effect this month.
The Privacy Amendment (Notifiable Data Breaches) Act 2017 enacts the Notifiable Data Breaches (NDB) scheme in Australia from February 22 this year. The NDB scheme mandates that organisations suffering lost or breached data must notify affected customers as soon as they become aware of the breach and also report the incident to the Privacy Commissioner.
The legislation covers information such as personal details, credit reports, credit eligibility details, and tax file number (TFN) records held by organisations including Australian Government agencies, businesses and not-for-profit organisations with an annual turnover of $3 million or more, credit reporting bodies, health service providers, and TFN recipients, among others. Penalties range from fines of $360,000 for individuals to $1.8 million for organisations.
Centrify Senior Director APAC Sales Niall King said many businesses were security “sitting ducks” because their defences were out of date. “Today, businesses use a combination of cloud, on-premises and mobile services, which means traditional perimeter-based security is no longer effective,” he said.
“This is evident from research such as Verizon’s 2017 Data Breach Investigations Report (DBIR) which revealed that compromised identities were responsible for 81 per cent of all data breaches.
“Centrify believes that companies need to adopt a Zero Trust security model which centres on the concept that users inside a network are no more trustworthy than users outside the network.”
Mr King said Centrify-sponsored research in Australia, conducted by Ponemon Institute, revealed that publicised data breaches damaged both corporate value and customer trust. “This study shows that many companies underestimate the true impact of a data breach,” he said.
“Ponemon found the stock value index of 113 randomly selected global companies declined by an average of five per cent on the day a data breach was disclosed and experienced a customer churn rate of as much as seven per cent. Also, one third of Australian consumers impacted by a data breach reported they had discontinued their relationship with the organisation that experienced the breach.
“This is a vital lesson for organisations to learn as Australian law mandates data breach disclosures.”
Mr King said companies needed to re-evaluate their entire security posture from the ground up, by focusing on protecting identities rather than the network perimeter. “The solution is available,” he said.
“Through a unified, integrated solutions offering, Centrify provides identity services for all users across applications, endpoints and infrastructure, allowing organisations to implement Identity-as-a-Service (IDaaS), single sign-on (SSO), multi-factor authentication (MFA), enterprise mobility management (EMM), privileged access management (PAM) and User Behavior Analytics (UBA) technologies.
“This identity-centric rethink of security can directly address the more than 80 per cent of data breaches that arise from compromised identities, which dramatically reduces the risk of having to report a data breach.”
Centrify delivers Zero Trust Security through the power of Next-Gen Access. Centrify verifies every user, validates their device and limits the amount of access and privilege to resources while continually learning & adapting. Centrify Next-Gen Access is the only industry-recognised solution that uniquely converges Identity-as-a-Service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM.) Over 5,000 worldwide organisations, including over half the Fortune 100 in the US, trust Centrify to proactively secure their businesses.
Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Services are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.
- Centrify extends protection to wearable devices Centrify overnight announced at Mobile World Congress in Spain that it has widened its lead in mobile security by combining multi-factor authentication and single sign-on for the n...
- Centrify showcases Centrify Identity Service for SAP NetWeaver at SAPPHIRE NOW Centrify, an SAP partner, overnight announced that it will participate at SAPPHIRE® NOW and ASUG Annual Conference being held May 17–19 in Orlando, Florida, in booth 1246...
- Centrify raises Morwood to regional sales Unified identity management leader Centrify has appointed technology industry veteran Derek Morwood as regional sales manager, responsible for Australia, New Zealand and India. Wi...
- HSBC Bank Deploys Centrify Suite to Centrally Manage Security and Auditing for Worldwide IT Operations Leading Worldwide Financial Institution Uses Centrify to Secure Access, Improve Auditing, and Manage User Accounts SUNNYVALE, Calif., and BRACKNELL, UK — Centrify Corporation, th...