Data is more valuable than it has ever been before - to both organisations and cyber criminals. While it is an asset it can also be a liability, as recent serious data breaches have clearly illustrated. It’s also an issue businesses need to better understand and tackle head on, with PwC’s recent Digital Trust Insights report indicating 90% of Australia’s C-suite viewed public information sharing and transparency around cyber incidents as a risk that could lead to a loss of competitive advantage.
It’s not surprising data breach preparedness is on the minds of executives in organisations all over Australia. Organisations need to understand the key risks they are exposed to address vulnerabilities and have robust and practiced plans in place so they are ready to respond. At PwC, our community of solvers approach data breach readiness through five key areas of focus:
Identify is about understanding what data you have, where it is stored and who owns it and protects it, including third parties.
Minimise is about reducing risk with respect to the data you’re holding. Do you need to keep it all? Are you obliged to hold it as per regulation? Can you take proactive steps to minimise the impact of a potential breach by reducing that volume of data?
Secure is focused on the technical measures to keep data secure. Do you understand what vulnerabilities might exist on your external-facing systems? Are you taking preventative steps to harden your external-facing systems? Do you have the ability to detect and respond in a timely manner?
Prepare is about having the plans and procedures in place to respond in the event of a major cyber incident. Do you practise and rehearse those plans? And are you doing that holistically, engaging the entire organisation?
Govern is about ensuring appropriate governance is in place across privacy, cybersecurity and data. Do you have oversight of your operational processes? How about application development and project lifecycles?
To assist organisations assess their readiness to respond to a data breach and form a plan to address vulnerabilities, we’ve developed a Data Breach Readiness Diagnostic. It breaks the 5 areas of focus down into easy-to-understand questions to help you determine your level of data breach readiness and provide a benchmark as to how your organisation compares to others.
If you’d like to know more, please contact one of our team.