No. 1 Story

Construction needs cloud flexibility

Australia’s embattled construction sector could benefit from cloud based information systems that can be switched on and off in lockstep with individual projects – with the exception of those organisations based in remote areas like the Kimberleys.

read more

More From

Popular Threads

Symantec questions political will on data breach laws

Beverley Head
Tuesday, 13 September 2011 17:33

IT Policy - Government Tech Policy

View Comments

Australia's unstable political environment is unlikely to prove conducive to the swift passage of proposed changes to Australia's privacy regime, and particularly the adoption of proposed data breach notification rules according to security business Symantec.

The Australian Law Reform Commission first proposed the introduction of legislation compelling organisations to disclose data breaches in 2008. But Australia still lacks such legislation, and Craig Scroggie, vice president and managing director of Symantec in the Pacific Region today called into question the political will to drive such changes through.

According to Mr Scroggie the Federal  Government is acutely aware of the issue, particularly given its push on e-health which will see private health records made available over the internet to authorised health professionals. But he acknowledged that introducing legislation obliging organisations to disclose when they had been hacked or their data compromised was; 'very sensitive because it has implications for the Government to comply with that legislation.'

'Maybe we've got too much political uncertainty in our environment to tackle some of those very complex and politically sensitive issues,' he said. 'I hope it happens soon - but ultimately in politics someone has to be prepared to drive that issue and in an unstable political environment the big issues are not easy to get through.'

Mr Scroggie said that he believed it was important that legislation was introduced which not only obliged organisations to keep secure and private consumer or citizen information but to also, in the event of a breach advise not just an industry regulator but also; 'the individual what was lost and what action should be taken.'

The only acceptable exception to notification he said was where an organisation had its security breached, but data was encrypted to such a high standard that it was not considered a privacy risk.

Privacy, security and identity management were all issues that the Government was grappling with, according to Mr Scroggie. 'These issues are top of mind '¦ the big issue is how does government come together to work as one team, as one government rather than the independent stakeholders they are today.'

While Mr Scroggie believed large enterprises were reasonably well positioned to respond should data breach notification come into force, the small and medium enterprise section would have work to do as he claimed only about a third had security systems in place.

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases