Legal Consequences for Businesses – Cyber Security
The danger of a cyber security breach lies not only in the breach itself but in its significant legal ramifications. It’s just a matter of time before Australian courts are faced with a cyber security class action, especially considering that the number of cyber security attacks is on the rise.
A recent class action in the U.S brought against credit reporting agency Equifax, highlights the legal implications for organisations that do not have the appropriate security controls in place. The action alleges that Equifax was negligent in protecting the individuals whose data it held because they did not maintain adequate safeguards against unlawful access (which they knew could result in a substantial data breach).
The minimum criteria for a class action in Australia is a group of seven complainants who have a related claim that gives rise to a common issue. In a scenario where a number of people have had their data leaked in the same cyber security attack, like that in the Equifax example, these minimum requirements would likely be met. The difference in the amounts lost or circumstances of the transactions is irrelevant.
ASIC has reported that at least 80% or organisations anticipate a rise in cyber threat over the next 12 months, and that risk should also be the responsibility of the individuals and companies who entrust their information to providers. However, with cyber security threats rising, the legal fraternity’s expectation of those tasked with the responsibility of protecting individuals against these risks is also increasing; and no company is immune – the risk of a cyber attack touches every organisation that collects or maintains confidential property.
Essentially, as cyber attacks increase it is expected that momentum will build in favour of financial compensation for individuals that suffer as a result of such attacks. Even with the best intentions, or a belief that your company is secure, outdated security measures may leave your organisation open not only to security breaches but to considerable litigation.
Cyber security risk is now an enterprise wide issue that necessitates strategic execution. Today’s leaders will be expected to justify the security defences they pull together to protect their organisations from liabilities that cyber hacks can expose them to.
Actively manage your cyber security risk by taking our survey to measure your vulnerability.