Government proposes $50m data breach fines
The Australian government will introduce new legislation to increase data breach penalties, with fines of up to $50m being proposed.
Attorney-general Mark Dreyfus announced on 22 October that the Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022, is set to significantly increase fines in the event of serious or repeated privacy breaches.
Australian organisations could now face drastic fines for any future cyber security incidents that involve a breach of customer data.
This significant shift in Australian privacy legislation comes after multiple Australian companies were targeted in landmark data breaches, including Optus, MediBank, MyDeal and VinoMofo.
The current level of penalty for such incidents’ came under heavy criticism from multiple government figures with fines being capped at only $2.2 million.
As these penalties dramatically increase, organisations should be incentivised to invest in proper safeguards and cybersecurity, to avoid hefty fines and to keep their customers information secure.
Do you know your Cyber Security capabilities, and your level of risk? Do you have a clear plan on how to improve your capabilities? Would you know what do to do if you had a cyber security incident?
With over 20,000 new vulnerabilities released in a year, it can be difficult to keep track of all the new vulnerabilities that are discovered every day, and sometimes it feels like we’re fighting a losing battle.
Acurus helps companies start to build Cyber Security resilience by aligning to the ACSC Essential 8 as a starting point. We then help companies build out sophisticated and mature IT security capabilities and standards.
Request a free Essential 8 assessment to start your journey on protecting your company, employees and customers below.