According to a survey by Midwinter’s cyber security subsidiary Kamino, only 32 per cent of respondents were aware of the 22 February 2018 introduction of mandatory data breach reporting by the Office of the Australian Information Commissioner.
Additionally, 45 per cent of respondents have previously suffered a ‘cyber security incident’, which Kamino and Midwinter director Julian Plummer said was “highly concerning” given the lack of awareness around data breach requirements.
“These laws will have a huge impact on the businesses affected. This lack of awareness of the laws most likely translates to an overall lack of preparedness for the changes now in effect, which is worrying considering the ramifications of a cyber breach incident on a financial planning,” he said.
Mr Plummer said “most respondents appeared to have a very good understanding of what is at stake”, but that few have made adequate preparations to protect from a cyber attack.
“Customer information is of the utmost importance, and the survey revealed that business owners realise that their brand must be protected from being tarnished by cyber incidents, which could lead to direct revenue loss,” he said.
“However, this has not been reflected in the preparations and processes which should be set in place to protect advisers, accountants and superfunds from potential cyber attacks.”
Mr Plummer added that human error is one of the biggest weaknesses in a business’ cyber security, but only 28 per cent of respondents were confident in their staff’s cyber "security hygiene".