The Notifiable Data Breach Scheme has just seen its first full quarter, and the results of notifications have been released.
From 1st April to 30th June 2018, 242 notifications were received, bringing the total to 305 notifications since the scheme went live in February this year.
Some interesting stats from this report show that:
- 59% of breaches were caused by malicious or criminal attacks
- 36% of breaches were caused by human error
The majority of the malicious or criminal breaches were the result of compromised credentials, and the most common human error was sending emails containing personal information to the wrong recipient.
So, how do we go about reducing these numbers, and the risk of your business being one of the companies required to report a breach?
Training is always number one: raising your staff's awareness of protecting their credentials and company data. But training can only go so far…
Let’s look at these compromised credentials first:
- MFA (Multi-Factor Authentication) – a password, even a strong one, is just not good enough these days. By adding MFA to your account, you can ensure that the person logging into that computer or website is you.
- Changing the passwords that have been compromised. How do you know which ones are compromised? There are tools available, such as Threat Aware, that search the dark web and find out which of your credentials have been breached.
Then there’s human error…
- Add DLP (Data Loss Prevention) to your business – Software packages such as Microsoft 365 have this level of security, which can prevent sensitive data (such as a credit card or Medicare number) leaving your organisation, as well as keeping you in control of the data when it does.
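To show what a DLP content rule does with the two data types named above, here is an added example (not Microsoft 365's own implementation, and not code from this post) that scans outbound message text and confirms each candidate number by checksum rather than by pattern alone. The function names and the sample message are constructed for illustration.

```python
import re

# Runs of 10-19 digits, allowing one space or hyphen between digits.
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){9,18}(?!\d)")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum carried by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def medicare_ok(digits: str) -> bool:
    """Australian Medicare number: starts 2-6, ninth digit is a weighted
    checksum of the first eight; an optional 11th digit is the person reference."""
    if len(digits) not in (10, 11) or digits[0] not in "23456":
        return False
    weights = (1, 3, 7, 9, 1, 3, 7, 9)
    return sum(int(d) * w for d, w in zip(digits, weights)) % 10 == int(digits[8])

def mask(digits: str) -> str:
    """Keep only the last four digits so the alert itself leaks nothing."""
    return "*" * (len(digits) - 4) + digits[-4:]

def scan_outbound(text: str) -> list[tuple[str, str]]:
    """Return (data_type, masked_value) for each checksum-valid number found."""
    findings = []
    for match in CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", match.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            findings.append(("credit_card", mask(digits)))
        elif medicare_ok(digits):
            findings.append(("medicare", mask(digits)))
    return findings

# Constructed sample message: a well-known test card number, a made-up
# Medicare number with a valid check digit, and two harmless numbers.
SAMPLE = ("Hi, card is 4111 1111 1111 1111 and Medicare is 2123 45670 1. "
          "Order ref 1234567890, call me on 0412 345 678.")

if __name__ == "__main__":
    for kind, value in scan_outbound(SAMPLE):
        print(f"BLOCK: {kind} {value}")
```

The order reference and phone number in the sample are not flagged because they fail the checksum and prefix tests, which is how a DLP rule keeps false positives low enough to block mail rather than just log it.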
If you already have an Office 365 subscription, upgrading to Microsoft 365 is incredibly easy, cost-effective, and has so many features to reduce the risk of your data getting into the wrong hands.
To dive further into the security features that Microsoft 365 has, check out our previous blog posts: