Australian businesses are completely unprepared

“Organisations across Australia don’t really understand the risks, or what is required and they are not implementing technology or procedures to reduce the risk,” said Security In Depth chief executive Michael Connory.

Australian businesses are “completely unprepared” for cyber attacks or data breaches, with reported incidents increasing by more than 700 per cent since February last year, costing the nation $7.8 billion, a report has revealed.

Data Hacking: It is not If, It is When…….

This list is the number of reported data breaches from January to June in 2019.  Over 42 businesses reported major breaches to the OAIC this year to June.

June 2019

  • Symantec
  • Australian Catholic University
  • Revenue NSW
  • Australian National University

May 2019

  • Microsoft
  • Princess Polly
  • Canva
  • Instagram
  • CCH software
  • Binance
  • Twitter
  • WhatsApp

April 2019

  • WPA3 Dragonfly
  • Wipro
  • Speedrun.com

March 2019

  • Australia Post
  • ASUS
  • Bank of Queensland
  • Kathmandu
  • Citrix

February 2019

  • Melbourne Hospital
  • Coffee Meets Bagel
  • Honey
  • Toyota Australia
  • LandMark White
  • Department of Parliamentary Services
  • Bunnings

January 2019

  • Facebook
  • Global Hacking Scare
  • SkoolBag
  • Optus
  • Collection #1
  • Fisheries Queensland
  • First National Real Estate
  • Department of Planning and Environment, NSW Major Projects
  • Victorian Government
  • Marriott Hotel Group / Starwood
  • Early Warning Network
  • Big W
  • Hawthorn Football Club
  • Nova Entertainment
  • My Health Records
  • Victorian Public Servants

What PDSS has to offer.

PDSS is a business management consulting company that specialises in IT security gaps and risks in your business.
We tailor documentation and install Information Security Management Systems to achieve compliance and certification to ISO 27001, written specifically for the Valuations industry.

PDSS builds the ISMS to be compliant with ISO 27001 incorporating controls for CPS 234, the APPs and GDPR, as required by the banks and Core Logic.
The framework remains elastic and manageable to future requirements.

PDSS has a proven track record of installing ISO 27001 with the required bank compliance requirements and successfully having the system certified.

Australian
Privacy Principles

ISO 9001 / ISO 27001
Quality Management Systems

APRA
Standard CPS 234

GDPR
Compliance

An effective ISO 27001 information security management system (ISMS) provides a management framework of policies and procedures that will keep your information secure, regardless of the format.

The flexibility of the framework allows other standards and contractual requirements to be easily integrated into the controls making only one system to follow in your business.

Contact us

it was troubling that among almost 2000 companies – in sectors including finance, health, education, government, manufacturing, technology, professional services and retail – almost 40 per cent did not provide any cyber awareness training to staff.
Further, more than 70 per cent of all data breaches at Australian businesses were caused by human error.

Security In Depth chief executive Michael Connory.

Why SMEs need data security.

It is not just about meeting contractual requirements, it is about business survival.
Across the board, small businesses tend to have easier security to crack than their larger counterparts. This has been true for almost as long as the internet has been available, but hackers have historically tended to focus on the bigger targets due to the ratio of effort and risk to reward.

While larger businesses have been hardening their defences, smaller businesses have had a tendency to believe that they are beneath the radar of hackers. This happens with troubling frequency even when that particular business has suffered a data breach in the past.

I have an IT Provider

Most businesses outsource their IT services as this is a cost effective, provides expertise, and access to resources like a help desk.

Of course, outsourcing also has its disadvantages.
For instance, trusting a third-party provider for all of your company’s IT needs can create serious security issues.

Outsourcing is not a panacea, if your business is having trouble managing technology on its own, it’s likely that an IT outsourcing provider will be bound by the same constraints that make in-house management difficult — poor system construction, inefficient communication, and lack of scalability. These problems are not something an outsourcing company will be able to fix overnight.

You cannot rely on your provider knowing what your specific requirements or contractual obligations are in relation to data security.

What is you back up schedule?
Does your telephony go though your firewall?
Has a back up image been restored to make sure it works? How long it will take?
How are old computers and the disk drives disposed of?
How do you manage who has access to your data?

PDSS can bridge that gap by installing ISMS procedures and putting management and oversight of your provided IT systems back under your control.

Contact us