CYBERSECURITY Incidents and Notifiable Data Breaches
We have developed deep, hands-on domain knowledge of cybersecurity and understand the growing challenges and threats in this area from a combined commercial, technology and legal perspective. See more details about the services we provide in CyBiz Cybersecurity Consulting.
CYBERSECURITY PREPAREDNESS
The core goal of Cyber Preparedness is to implement practical steps for an organisation to be ready to face a Cyber-attack. Although every employee within an organisation bears some level of responsibility for establishing and maintaining Cybersecurity in an organisation, it is the responsibility of the Board and the Executive team to ensure the organisation has adopted a strategic program to understand and manage Cybersecurity risk within the organisation and adopt measures to ensure Cyber Preparedness.
As part of our Cyber Preparedness services across People, Process and Technology, we can support you by:
Developing detailed Cybersecurity policies, procedures and controls for organisations including Cybersecurity and Data Protection Policies, Privacy Policies, Mandatory Data Breach Reporting Plans, Incident Response Plans
Preparing or reviewing Cybersecurity contracts – Cybersecurity and general technology/SAAS agreements; Information Security Agreements for third-party access; Updating Cybersecurity and privacy clauses in contract templates. Developing clause bank of Cybersecurity and privacy clauses;
M&A – Cybersecurity due diligence, Cybersecurity reviews and reports pre and post-acquisition
CYBERSECURITY INCIDENT RESPONSE
Time is critical when managing response to a Cybersecurity incident. Our cross-functional teams and partners can assist organisations to manage the immediate response to a Cybersecurity Incident during the critical 24 to 72 hours. During a Cybersecurity incident, we assist with managing the incident response through critical technical support, crisis management and legal support until the incident has been resolved and business operations and systems are functioning as usual.
PRIVACY POLICY AND NOTIFIABLE DATA BREACHES REPORTING
Mandatory data breach reporting obligations under the Privacy Act’s Notifiable Data Breaches scheme recognise that strong data management is integral to the operation of businesses and that people who interact with a business have to trust that their privacy is protected and be confident that personal information will be handled in line with their expectations. In this context, one of the biggest risks organisations face is a data breach. Even organisations with great information security can fall victim to a data breach, due to the rapid evolution of data security threats and the difficulty of removing the risk of human error in large and complex organisations. A data breach involving personal information can cause serious harm to affected individuals, damage a business’ reputation and lead to significant financial costs.
We can support you by:
Ensuring contracts have privacy clauses to protect your business in the event of a data breach
Prepare Data Breach Response Plan
Assessing whether an eligible data breach has occurred and whether disclosure is required
Reviewing data contracts with offshore service providers