Canon Business Readiness Index SMB 2019

In the 12 months since the Notifiable Data Breach Scheme came into effect, 964 breaches were reported. See which are the top reporting sectors, what types of information was leaked and what your business can learn to mitigate the risk internally.

The Notifiable Data Breaches (NDB) Scheme came into effect on 22 February 2018.

The scheme made it obligatory for organisations covered by the Australian Privacy Act (this includes all Australian government agencies, businesses and not-for-profit organisations with an annual turnover of $3 million or more), to notify certain breaches.

What is a personal information breach?
A personal information security breach refers to any unauthorised access or disclosure of the personal information your organisation holds. This also includes the loss of information that’s likely to lead to unauthorised access or disclosure.

Data Breaches: 12-Month Insights
The Office of the Australian Information Commissioner (OAIC) released the “Notifiable Data Breaches Scheme 12-month Insights Report” in May 2019.

Key Take-aways
• There were a total of 964 eligible data breaches during the 12 month period
• Of those 964 breaches, the source/cause of data breaches were Human Error (35%), Malicious or Criminal Attacks (60%) and System Faults (5%).
• The most common type of human error was personal information being sent to the wrong recipient via email
• While 84% of businesses are aware of printing-related security threats, only 4 in 10 businesses have their printers secured
• Small businesses (<20 employees) report the lowest rates of awareness around printer security issues – 31% are not aware of risks vs 5% of larger businesses (200+ employees)

Follow us on