Cyber Security
If y’all are one of the following
- Run a business by a turnover of $3 million or more
- Health aid providers, including medical systems, dental works, druggists, physiotherapists, psychiatrists, and so on
- Credit recording body
- TFN receivers, e.g., companies
- Disclose or collect private information in trade for a benefit, service or service
Possible significant fines (up to $1.8 million) apply for non-compliance with the notification obligations.
Even if you are not directed to the Privacy Act, you may be under other responsibilities to protect data or keep confidentiality.
All institutions should seek to use best industry practices in the administration and security of their data and information to decrease the risk of a breach.
Australian Signals Directorate (ASD) Essential 8 Policies to mitigate cyber threats:
- Application whitelisting
- Configure Microsoft Office macro settings
- Patch applications
- User application hardening
- Restrict administrative privileges
- Patch operating systems
- Multi-factor authentication
- Daily backups