How resistant is business to cyber shock?

Cyber attacks are an inevitable threat to businesses operating in today’s technologically-driven world. With the Notifiable Data Breaches Scheme having recently passed into legislation in Australia, timing is paramount for our country’s businesses to have in place plans and strategies to deal with data breaches.

Under the new legislation, Australian businesses are now compelled to disclose if a data breach occurs. It’s clear from the results of PwC’s Global State of Information Security Survey 2018, that while Australian businesses are aware data breaches can occur, they may not realise how seriously it could impact their business. 40% of respondents cited the disruption of operations as the biggest potential consequence of a cyber attack and 39% cited the compromise of sensitive data. What about damage to business reputation and overall profits? There are many examples of how data breaches can negatively impact these aspects of business, with Facebook and Ashley Madison being recent examples. 

With this in mind, it’s staggering that 44% of global respondents said they do not have an overall information security strategy. 48% said they do not have an employee security awareness training program. 54% say they do not have an incident response process. 

So what can businesses do to better protect themselves? Implementing a management systems standard like ISO 27001 can help. ISO 27001, the Information Security management systems standard, formalises processes to protect data and also puts in place a system to be followed when a data breach does occur. 

It’s not all doom and gloom! 39% of survey respondents said they were confident in their abilities to identify the culprits of a cyber attack; and 44% said their boards actively participate in their overall information security strategy. Using a robust management systems standard, such as ISO 27001, can help protect customers’ personal data, and a businesses’ overall reputation and bottom line.

Check out the infographic below which provides a summary of some of the key findings of PwC’s Global State of Information Security Survey 2018.

Infographic: How cyber aware is Australian business?
To learn more about securing your information assets using ISO 27001, the Information Security management systems standard, click here

“I found the PWC IMS Lead Auditor training course very valuable. The content covered all areas in good detail. Claire presented all topics with clarity and made the whole course fun (who thought auditing could be fun!) and easy to understand. The course materials supplied both at the course and afterwards are valuable tools that can be utilised in any industry. I would happily recommend PWC training.”

“Overall very valuable course. Balance of theory with practical workshops was excellent. Trainers stuck to timetable very well.”

“The course was thorough and many relevant examples provided by both Tom and Jackie to help me apply it to the workplace.”

“Great presentation of the course, engaging facilitators and good use of group work. I found the course to be a great refresher for an audit course I did 10 years ago and now feel more motivated to go audits in a non-bow tie way!”

“Trainers’ knowledge was excellent, their knowledge made the training and learning easy.”