Are You Ready for the Aftermath of Cybercrime?
Is your organisation prepared to face the consequences of a potentially disastrous cyber attack? Are you aware of the wide implications of such threats to your data management systems?
In light of the recent cyber attack on the personal data of Liberty Group's clients by unknown hackers who demanded payment, the SA government-mandated Information Regulator warned of the far-reaching consequences of cyber attacks.
Civil Claims and Massive Fines
Financial and insurance organisations such as Liberty, which hold and store sensitive information on millions of clients, including bank accounts, ID numbers, and other personal records, stand to face substantial fines through subsequent civil lawsuits.
According to the pending Protection of Personal Information (POPI) Act, fines can be as high as R10 million for each data breach incident.
Infringing the right to privacy under the POPI Act also opens the company to claims from clients affected by the theft of personal data they entrusted to it.
The POPI Act safeguards the collection and storage of personal information, similar to the recently introduced General Data Protection Regulation (GDPR) in Europe.
Once the POPI Act is fully enacted into law, companies will face serious personal liability, and more so if any data stolen through cybercrime is leaked on the public or dark web.
Our Integrated Management System (MSX) merges all organisational systems and processes into one common, cohesive framework that drives business excellence and ensures continual improvement. MSX enables business leadership to view management performance across business activities and assists leaders in making informed, actionable decisions.
Compliance and Regulatory Issues
If the Information Regulator finds that a data breach contravenes the POPI Act, non-compliance becomes an additional problem for the organisation, attracting further liability for payments due to poor regulatory IT systems.
The company also has a responsibility to inform the affected clients of the extent of the security hazard and unauthorised access to its IT systems. In Liberty’s case, the company informed the clients about the email server breach, confirming that there was no financial loss incurred.
Personal and Reputational Damages
Finally, cybercrime ends up costing organisations more than millions in financial damages. Its consequences extend to misappropriation of information, identity theft or extortion for the clients, while the company's reputation is seriously affected.
Is your organisation protected against data security risks and cyber attacks?
MSX Cyber, part of the XGRC product range, helps organisations drive performance and compliance with its integrated information security management system, built on the ISO 9001 Quality and ISO 27001 Information Security frameworks.