In mid-May, the Russian government (quietly) published a report revealing that foreign hackers had successfully compromised the Russian Government’s cyber systems. The report suggests that sophisticated hackers were pursuing the interests of a foreign state or that they were backed by a particular state but makes no statement as to who may have been behind it.Read More
Following on from the consultation opened by the NSW Government in July 2019 (the subject of a previous blog), NSW Attorney-General Mark Speakman has committed to introducing a mandatory data breach scheme, according to an article by ITNews.
At present, neither NSW privacy laws nor the notifiable data breach scheme under Part IIIC of the Privacy Act 1988 (Cth) require public sector agencies in NSW to notify the NSW Privacy Commissioner and affected individuals where a data breach creates a risk of serious harm. This led to a consultation conducted by the Department of Communities and Justice in late 2019, which revealed “overwhelming public support” for the introduction of a mandatory data breach scheme in NSW, with the NSW Government “sharing a view” that the relevant scheme should be introduced.Read More
The Federal Parliament’s Joint Committee of Public Accounts and Audit, tasked with inquiring into the cyber resilience of certain Commonwealth entities has recommended that all such entities adopt a cyber security mitigation strategy called the Essential Eight. The Committee made this recommendation in its Report 467: Cybersecurity Compliance Inquiry based on Auditor-General’s report 42 (2016-17) (Report). Tarantino’s Hateful Eight is perhaps a little more convoluted than these simple touchstones of good practice. The Essential Eight are good reading for all enterprises, not just government agencies.