Following recent high-profile cyber incidents impacting Optus (see our article No Optus – Australia’s largest data breach) and Medibank, Australian organisations should be taking steps to mitigate cyber risk and ensure they have an adequate and tested cyber incident response plan (IR Plan) in place.
With the Optus breach, the Office of the Australian Information Commissioner (OAIC) and the Australian Communications and Media Authority have announced a coordinated investigation into Optus’ storage and management of its customers' data. One law firm has already filed a class action against Optus with the OAIC, with another assessing the issues.
As cyber attacks become more prevalent, a rapid, planned and holistic response is crucial. This ensures that incidents are identified, contained and investigated in a timely manner.
Cyber Incident Response Plan
A key part of being well prepared is understanding that cyber risk cannot be eliminated. While there are various steps that can materially reduce the risk, all businesses should be prepared for a cyber attack. When attacks occur, businesses should rely on a prepared and tested IR Plan to respond promptly and decisively to a cyber incident, limiting its impact and supporting recovery.
Many businesses are yet to prepare an IR Plan or only discover gaps when they are responding to an incident. When there is no plan or gaps are only identified during the crisis, businesses are less prepared to effectively manage the complex processes and coordination that takes place in combating an incident.
The most effective way to train organisations to handle cyber risk is to run through a simulated cyber incident and test an IR Plan. This will help identify vulnerabilities – which can then be patched and strengthened.
Be prepared: how we can help
Led by Eden Winokur, Partner & Head of Cyber, our expert cyber team are delivering half-day or full-day workshops tailored to help businesses implement and test their IR Plan.
Now is the time for businesses to invest in being prepared. This is a small price to pay when considering the devastating effects a cyber incident may have on your organisation and its customers or clients.
Workshops are bespoke and can include:
- Assessment of your IR Plan
- Detailed report identifying gaps and areas where further work can be undertaken
- Scenario / simulation training
Watch our Head of Cyber Eden Winokur as he explains how we can help clients.
Listen to our cyber podcast
Cyber permeates every aspect of our lives. Find out how to be cyber aware with Head of Cyber Eden Winokur in our podcast – Cyberzone.
Partner & Head of Cyber
Eden is a leading cyber, privacy, disputes and insurance lawyer who heads the Hall & Wilcox cyber practice.
More about Eden
Alison has more than 20 years’ experience in a wide-ranging employment and privacy practice.
More about Alison
Cyber| 15 Sep 2022
Hall & Wilcox Tech Week: The threat of cyber risk in Australia – the regulatory, insurance and security view
How can companies best defend themselves against a cyberattack? What do companies have to do ...