Home Business IT Security Businesses unaware and unprepared for privacy reforms

Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!

Over one third of Australian businesses are in the dark about amendments to the Privacy Act which are due to come into effect March 2014, new research shows.

The finding comes from ‘The Enemy Within’, a research report that was released today by cyber-security firm Clearswift, which found a major lack of awareness amongst businesses about upcoming changes to privacy legislation and wider challenges.

78% of IT security decision makers admitted it is difficult to keep up with the ever changing security landscape, while almost a quarter of organisations (24%) have suffered some form of data security incident in the past 12 months

The proposed mandatory data breach legislation could come into effect next year, meaning businesses should start learning about how they'll be affected.

The legislation, which will require organisations to report data breaches they suffer to impacted customers, has yet to enter most organisations’ security considerations, with 73% of IT decision makers indicating they are unaware of the proposed legislation.

Michael Toms, Clearswift ANZ Regional Director, said he's alarmed by the number of organisations unaware of the upcoming changes to legislation and the lack of business preparedness.

“We are surprised by not only the number of organisations unprepared for the significant impact these legislative changes will have on their business, but that many businesses aren’t even aware of that the changes exist. Over half of the respondents we surveyed work in compliance so it’s concerning those responsible for ensuring their business is on top of the regulatory environment are in the dark,” Toms said.

“The new legislation encourages more transparency for customers in how their data is being used, with increased powers for the privacy commissioner and large fines of up to $1.7 million for non- compliance. That type of fine is not small change for many Australian businesses so it’s vital businesses take action now to protect the sensitive information they hold.”

Toms also warned that businesses should not just be reacting to changes in government legislation when it comes to avoiding data breaches.

“The real focus shouldn’t be in complying with the proposed legislation in the event of a data breach; rather investment should be made to avoid breaches in the first place. The reputational damage a breach can have on an organisation is huge and will become greater as changes to legislation increase transparency," he said.

“The first step any business should take to protect the information it holds is to assess where the risk of data breaches could come from. Given breaches are more likely to come from an employee sending an email to the wrong recipient or via a personal email account than a large scale espionage hack, resources and policies should be in place that reflect that."


Tomorrow, 26 August we’re delivering a FREE day of high-impact content to give you the know-how to lead in the App Economy. Please don’t be sorry you missed it.

• Keynotes on how software is rewriting businesses the world over, including our own backyard

• View code level details with context and repair problems quickly

• Fix problems in minutes before they wreak havoc

• Streams covering DevOps, Security and Management Cloud from pioneers at the coalface.

Register Now - it's FREE!



Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup


David Swan

David Swan is a tech journalist from Melbourne and is iTWire's Associate Editor. Having started off as a games reviewer at the age of 14, he now has a degree in Journalism from RMIT (with Honours) and owns basically every gadget under the sun. He also writes for Junkee and Fasterlouder. You can email him at david.swan@itwire.com or follow him at twitter.com/mrdavidswan