New Zealand’s Office of the Privacy Commissioner (OPC) launched a new data breach reporting tool “NotifyUs” to help organizations report data breaches and assess whether a security incident is notifiable or not.
The new online tool is launched ahead of New Zealand’s new privacy bill “The Privacy Act 2020,” which comes into effect on December 1, 2020. Under the new act, it is mandatory for organizations to notify the OPC if a breach occurs. Businesses which fail to report a notifiable breach to OPC may be penalized with a fine up to $10,000. “The Act strengthens privacy protections. It promotes early intervention and risk management by agencies (the name used for any organization or person that handles personal information) and enhances the role of the Privacy Commissioner,” an official statement said.
Privacy Commissioner John Edwards said, “We want the privacy breach pre-assessment and reporting process to be straightforward. NotifyUs has undergone extensive testing ahead of today’s launch to ensure the guidance is clear and easy to follow. I encourage people to use it in advance of the new legislation taking effect on 1 December.”
Cyberattacks on New Zealand
Recently, the New Zealand Stock Exchange NZX Ltd. went offline for three days in a row due to a blow of successive cyberattacks. In a security alert, the bourse operator said that initially it had been hit by a distributed denial of service (DDoS) attack on August 25, 2020, from offshore, via its network service provider. The attack impacted the exchange’s network connectivity systems, including NZX websites and the markets announcement platform.
Earlier, a survey revealed that 45% of the companies in New Zealand rated themselves as not secure against cyberthreats; 50% of the firms claimed that they lack in cybersecurity confidence. Most of the businesses are not able to protect their company’s data when their employees are working remotely.
To address the surge in malware, phishing, and DDoS attacks, EC Council’s CISO MAG has planned a crisp half day virtual engagement, The Australia CISO Confluence, to create more awareness on the need for cybersecurity and its related implications in these testing times. Register Here