“Ticking time bomb”: Businesses going ‘digital by default’ left exposed
Share
Following the Latitude cyber breach, a string of other breaches and mishandling of consumer records in the private sector, the peak body for records management is warning businesses to act before it’s too late.
Records and Information Management Practitioners Alliance (RIMPA) CEO Anne Cornish says there is a concerning lack of compliance and regulation for records management and disposal in the private sector that has been in the too-hard basket for far too long.
“The pandemic forced businesses to digitalise – and fast. For many, this ‘digital by default’ movement came quickly and without much preparation, leading to rash decisions which unfortunately exposed many businesses to greater cyber risk,” she said.
“It’s time we question how long companies are required to maintain customer data, as the longer personal data is kept, the more at risk companies are of exposing this information to cyber hackers.”
Check out: Biggest data breach in Aust history; 14M Latitude customer records stolen
According to the latest Annual Cyber Threat Report 2021-2022, the Australian Cyber Security Centre recorded a staggering 76,000 cybercrime reports or a 13 per cent increase from the previous financial year.
RIMPA is urgently calling for a minimum standards framework for the handling and disposal of private information.
Cornish says varying and weak legislation means private businesses are also getting away with too much, putting their customers’ information a significant risk.
“A collaborative response with stakeholders, whether that be the retailer associations, RIMPA Global, government representation or cyber security experts, forming an emergency committee or inquiry could help to determine the minimum amount of data needed and how long it should be maintained,” she said.
“Afterall, what is the value of knowing a customer’s birthday for an online retail business if they may soon not shop online altogether in fear of their information being used inappropriately?”
Check out: Financial crime in Superannuation: the risk is real
Cornish says that, following the major breaches of Optus, Medibank and ANZ, it is a ticking time bomb until the next incident puts even more personal information at risk. However, she also warns that small to medium businesses are even more exposed, urging business owners to take their records and information handling more seriously.
“Whether you’re a large corporation or a small family business, personal records are personal and it’s time all businesses are held to a consistent standard to prevent these information breaches from happening in the future,” she said.
Eliza is a content producer and editor at Public Spectrum. She is an experienced writer on topics related to the government and to the public, as well as stories that uplift and improve the community.
Today’s Pick
11th Annual Aus Goverment Data Summit
April 1, 2025
7th Annual NZ Government Data Summit
May 7, 2025
3rd Public Sector Comms Week
May 14, 2025
Subscribe
We send emails,
but we do not spam
Join our mailing list to be on the front lines of healthcare , get exclusive content, and promos.
AI appointment Australia Australian boost boosts business businesses covid-19 cyber attack cybersecurity cyber security data data breach data management defence Digital employment enhance enhances fraud funding governance government grants Healthcare infrastructure Innovation Lockdown management new zealand NSW NZ online public Public Sector queensland renewable energy scams security Social Media Technology telecommunications victoria WA
Last Viewed