As a Board Member, Owner or CTO,
Why should I care about Cyber Security and ‘The Essential 8’

Board members and owners are increasingly being held liable for security breaches, data loss and personally identifiable information (PII) loss because of cyber security breaches.

In November 2022, the Australian Parliament approved the Government’s privacy penalty bill which results in significantly larger privacy breach fines.

Significantly larger privacy breach fines pass Parliament.

Companies now face a fine of $50 million for “serious or repeated” privacy breaches while the privacy watchdog will have stronger powers after legislation passed Parliament on Monday.
The Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022 passed both houses of Parliament with bipartisan support on Monday with a minor amendment, and will become law after receiving Royal Assent.
The bill substantially increases the fine for companies that breach the privacy of their customers or clients and hands new powers to the Office of the Australian Information Commissioner (OAIC) to combat data breaches.

As identified in this article, there is no differentiation between a large multi-national organisation, a local business or even a charity for the application of these fines.

However, by demonstrating that your company has implemented a complete cyber security process and is able to show a ‘security maturity’ it is possible to mitigate this liability risk.

One of the most effective ways to demonstrate security maturity is by aligning with the Essential 8, a set of mitigation strategies designed by the Australian Cyber Security Centre (ACSC), that once implemented, are designed to make life hard for would-be attackers.
Some of the benefits of implementing the Essential 8 are:
  1. Provides the ability to demonstrate your companies ‘security maturity’ which can mitigate your risk liability,
  2. an improved security posture will reduce your exposure to cyber threats,
  3. attaining an Essential 8 maturity level may lead to a reduction in your cyber insurance,
  4. attaining an Essential 8 maturity level can also be used as a marketing tool.

Click here, to find out how more about the benefits of implementing the Essential 8

For a simple Essential 8 explanation check out What is the Essential 8