Brought to you by:

Data breach reporting regime starts this week

New data security laws come into effect on Thursday, making it mandatory for companies with an annual turnover of at least $3 million to report breaches to affected individuals.

The Notifiable Data Breaches scheme also applies to most government agencies and non-profit bodies.

Breaches must be reported to the Office of the Australian Information Commissioner.

Specialist cyber risk insurer Emergence Insurance has urged businesses to review their security procedures.

“You’re only as safe as your weakest link,” Head of Underwriting and Product Development Jeff Gonlin said. “A cyber insurance policy is part of every successful business’ risk management framework.

“Cyber insurance is not the first line of defence; it is designed to protect a business when its IT security, policies and procedures fail to stop an attack.”