Why aren’t businesses taking cyber security seriously?
Business people that we speak with are usually saying one of two things.
“We don’t have that much data anyway.”
“Hackers don’t care that much about my data.”
We, however, always tell them the same answers. A data breach, big or small, can make clients and vendors wary of using your services or terminate such services. Or, in some cases, wreak havoc over an organisation, causing them to be uncontactable and disrupting major business operations.
One such example of the latter is Latitude Financial Services. Experts describe this as a supply chain attack, where cybercriminals gain access through a third-party vendor and then find their way through to another company (e.g. Latitude Financial Services). The financial services provider suffered a breach on Thursday 16th of March with over 300,000 people’s personal financial information and identification, such as licences and medicare cards, exposed and possibly more to come. The investigation is ongoing.
To make matters worse, people currently using Latitudes services have tried to contact them via their customer service support centre. Still, they have yet to succeed, as the service is now unavailable.
This response can lead to the unfortunate conclusion that no formal incident response plan exists. The fact that people need help contacting Latitude, the vague nature of informing their customers of the breach and the various things offline in their ecosystem without proper explanation are telltale signs.
With changing policies and Australians becoming increasingly aware of data breaches affecting their lives, is it time companies operating in Australia are held to some regulatory standards before being allowed to conduct business? Now joining companies like Optus and Medibank Private in breaches affecting hundreds of thousands of Australians. It makes you question how sophisticated these breaches are or if these big companies are being relaxed with all the data they hold and not being accountable for their cybersecurity needs.
Is this finally the wake-up call that businesses need to take cybersecurity seriously?
SOURCES:
Leave a Reply