The Office of the Australian Information Commissioner (OAIC) has released its first full-year insights on notifiable data breaches that were reported between April 2018 to March 2019. Key results highlight that of the 964 eligible breach notifications reported:
- 580 (or 60%) were attributed to malicious or criminal attacks.
- Of those 580, 394 (or 68%) were cyber incidents resulting from common threats such as phishing, malware, ransomware, brute force attacks, compromised or stolen credentials and other forms of hacking.
- The remaining 186 (or 32%) of those 580 were the result of theft of paperwork or a data storage device, social engineering or impersonation, or an act of a rogue employee or insider threat.
These annualised results continue to support our previous article published back in July 2018. It remains relevant for organisations to better protect the personal information they hold, through establishing a regular program of security assessment and testing. Identifying and remediating vulnerable targets before they are compromised will always be a key defence against data breaches.
Alcorn Group specialises in performing vulnerability assessments and penetration testing, which combined with our other services such as red teaming, threat risk assessments, and incident planning and response, can provide a broad and effective means to assist with mitigating the risk of data breaches. Please contact us to discuss how we can best address your organisation’s needs.