It’s been a tough few weeks for cybersecurity in Australia. In just five weeks, six major privacy breaches have occurred, affecting more than 14 million customer records. To add insult to injury, the companies responsible for these breaches face hundred million dollar fines. This brings Australia closer to the tough penalty regime used in Europe, where companies can be punished for major privacy breaches with fines up to $30 million or four percent of global turnover from the previous year depending on which is higher. Clearly, data security is no longer an afterthought – it’s something that needs to be taken seriously by all businesses. Here’s a look at the high cost of privacy breaches, and what companies can expect to pay if they’re found responsible.
What Companies Can Expect to Pay
Optus and Medibank are just two of the companies that have been hit with major privacy breaches in recent weeks. In Optus’ case, the personal details of nearly 2.1 million customers were exposed, while in Medibank’s case, the private health information of 1 million customers was compromised. According to The Age, Under legislation to be rushed into parliament next week, the maximum penalty for serious or repeated violations of the Privacy Act will increase to $50 million from the current $2.2 million. Depending on the value of the stolen data and the company turnover, penalties could be even higher than $50 million.
The recent news of a massive data breach at Medibank, one of Australia’s largest health insurance providers, is a stark reminder of the high cost of cybersecurity breaches.
According to a recent study by IBM, the average cost of a data breach in Australia is now USD 4.35 million dollars. This is up from USD 4.24 million dollars in 2021. The average cost has climbed 12.7% from USD 3.86 million in the 2020 report.
The five most costly industries are:
- Healthcare
- Financial
- Pharmaceuticals
- Technology
- Energy
In the case of Medibank, it is estimated that the total cost of the breach could be as high as $100 million. This includes the cost of notification and customer support, as well as possible fines from regulators.
The Importance of Investing in Cybersecurity
These breaches are a stark reminder of the importance of data and information security, and the high cost of failing to protect customer information. With new laws coming into effect that will significantly increase penalties for privacy breaches, companies need to make sure they have robust cybersecurity measures in place to avoid costly fines.
For companies, the best way to protect against these high costs is to invest in cybersecurity. This includes things like training staff, implementing security protocols and strategies like Essential Eight, implementing ISO 27001 compliance, and investing in the latest cybersecurity technology.
While the cost of a cybersecurity breach is high, the cost of not taking action to protect your organisation is even higher.
Act now and get security solutions that evolve with your business
Your business data may be at greater risk than you think. Cybercrimes are becoming more sophisticated and are increasingly difficult to stop. To beat hackers at their own game, partner with the most reliable cybersecurity consultants for your industry.
For the most comprehensive, layered security solutions, fill out the contact form and book your Free Security Assessment.