Close Search
 
MEDIA, JOBS & RESOURCES for the COMMON GOOD

New governance principles in wake of Medibank cyber attack


26 October 2022 at 1:08 pm
Ruby Kraner-Tucci
An Australian-first partnership aims to better prepare organisations to protect their data, and more importantly, the data of their customers and clients.


Ruby Kraner-Tucci | 26 October 2022 at 1:08 pm


0 Comments


 Print
New governance principles in wake of Medibank cyber attack
26 October 2022 at 1:08 pm

An Australian-first partnership aims to better prepare organisations to protect their data, and more importantly, the data of their customers and clients.

Just one month after the high-profile cyber attack on telecommunications giant Optus, Australia has yet again been rocked by another privacy breach, this time a hack exposing the personal data of just under four million Medibank customers.

To better equip organisations to strengthen their cyber security, the Australian Institute of Company Directors and the Cyber Security Cooperative Research Centre are partnering to release new governance principles.

It comes as not-for-profit leaders signalled the vulnerability of the sector to cyber attacks, with research showing more than 60 per cent expect a surge in reportable cyber incidents this year despite just under half making progress on establishing a security and privacy program.


See more: NFP leaders say they are vulnerable to cyber attacks


Cyber Security Cooperative Research Centre CEO Rachael Falk said this worry is reasonable, and emphasises the importance of a cyber security framework for organisations.

“Companies must expect to be attacked and the worst thing any organisation can do in this current environment is to proceed with a false sense of security. This is a core risk that has to be incorporated into the everyday business of running any organisation.”

The new principles were informed by extensive consultation with government, industry experts and the wider community of company directors.

They provide a practical framework for effective board oversight across five key areas including roles and responsibilities; cyber strategy development and evolution; incorporating cyber into risk management; building a cyber resilient culture; and preparing and responding to a significant cyber incident.


See more: Cybersecurity is paramount for not for profits – we need to act now


Minister for cyber security Clare O’Neil said the principles will benefit sector leaders and resonate broadly across all Australian industries.

“Building our nation’s cyber resilience is crucial. This will require a huge collective effort across government and industry, with company directors having a critical role to play. These principles provide a clear picture of cyber security best practice for organisations across the whole economy.”


See more: Bridging the digital divide between government and charities


Australian Institute of Company Directors’ CEO Mark Rigotti said he was “delighted to be releasing these principles with the [Cyber Security Cooperative Research Centre]”.

“Cyber security is a crucial area for boards and we know they are looking for as much support as possible. Building cyber resilience within organisations is ultimately about building resilience across the nation as well as capacity within our teams and organisations.”


Ruby Kraner-Tucci  |  @ProBonoNews

Ruby Kraner-Tucci is a journalist, with a special interest in culture, community and social affairs. Reach her at rubykranertucci@gmail.com.




YOU MAY ALSO LIKE

Improving your social impact reporting

Kevin Robbie

Monday, 29th May 2023 at 5:36 pm

Salary Survey reveals pay rises across the board

Danielle Kutchel

Monday, 29th May 2023 at 5:00 pm

Think Strategy: Think Impact

Kevin Robbie

Thursday, 20th April 2023 at 11:00 am

Helping the small guys have a big impact

Danielle Kutchel

Wednesday, 29th March 2023 at 4:40 pm

pba inverse logo
Subscribe Twitter Facebook
×