Australian Government Imposes Tougher Penalties for Data Breaches

Australian businesses that take cybersecurity lightly now have reason to worry: the Australian government is imposing tougher penalties on companies that suffer data breaches. In view of the data breach incidents concerning companies such as Optus, MyDeal, Medibank, and others, the government seems to have decided that enough is enough. Under the new laws, the penalty for data breaches has been increased from $2.2 million to $50 million. This is to drive home the point that companies cannot take things lightly when it comes to securing the privacy, integrity, and confidentiality of customers’ data.

According to Attorney-General Mark Dreyfus, the recent data breaches have undermined the confidence of the Australian public in the digital landscape of the country. He mentioned that governments, businesses, and other entities should have an obligation towards protecting the personal data of Australians, instead of treating it as a commercial asset.

Mr. Dreyfus also pointed to the expectations of Australian users, stating, “setting these penalties at a higher level will accord with the Australian community expectations about the importance of protecting their data.” Under the new laws, companies will face a penalty of whichever is greater: $50 million, 30 percent of their turnover during the relevant period, or three times the value of benefits accrued from stolen data. The Attorney-General emphasized that entities should be incentivized to have strong cybersecurity safeguards to protect Australians.

New Cybersecurity Bill to Prevent Data Breaches

Under the new bill, the Australian Information Commissioner will get sweeping powers to resolve privacy breaches. He or she will also have greater powers to share information with the communications watchdog, so that the regulators work better. Mr. Dreyfus said that data breaches are unacceptable and have the potential to cause serious financial and emotional harm to Australians. The trigger for introducing the new bill is the Optus data breach. The question is how Australian businesses can secure their assets, which include personal and business-related data. The answer is by hiring the services of cybersecurity companies such as Cybernetic Global Intelligence.

How Do Cybersecurity Companies Secure the Assets of Australian Companies?

Cybersecurity is not a one-day activity but a series of steps taken over a period of time to evaluate the preparedness of an enterprise. The steps may include the following:

Managed security services: Companies that do not have an in-house cybersecurity team usually outsource the management of their digital assets to a certified cybersecurity company like Cybernetic Global Intelligence. The round-the-clock services provided by such a company may include intrusion detection, firewall, vulnerability scanning, virtual private network, phishing simulation, SIEM implementation, and antivirus activities.

ISO 27001 accredited security audit: Companies should implement top-notch standards such as ISO 27001 to strengthen their infrastructure for cybersecurity. In the absence of that, they may get their IT systems validated by accredited ISO 27001 security auditors. This can help them reduce the risk of reputational damage. By conducting cybersecurity audits, businesses can mitigate risks against cyber-attacks and assure customers and other stakeholders of the resilience of their systems.

Penetration testing: This involves hacking into a system to find its vulnerabilities and fix them before cybercriminals can exploit them. It is an excellent tool for evaluating the cybersecurity preparedness of any organization. Penetration testing can cover the entire digital estate, comprising servers, applications, wireless networks, endpoints, network devices, and mobile devices, among others. This type of testing can help businesses anticipate emerging security risks and prevent cybercriminals from accessing digital assets. By identifying gaps in security practices, penetration testing can offer effective remedial measures to fix them. It can also ensure regulatory compliance.


The Australian digital landscape is going to be tougher for enterprises without any cybersecurity mechanism. The steep penalties can impose huge financial costs on enterprises should they end up being the victim of data breaches. To avoid such a situation, Australian businesses are well advised to invest in strengthening their cybersecurity apparatus. They can do so by setting up in-house infrastructure or hiring cybersecurity support services. For instance, Cybernetic Global Intelligence, the accredited company providing cybersecurity services, can be reached at 1300 292 376 or
