Technology industry

The technology sector is continuing to innovate at a fast speed. However, a lack of effective cyber security is calling into question the reliability of technology companies, their leadership and the new technologies they create. The lack of cyber security results in security breaches that end up in the news headlines.

There currently isn’t a whole lot of legislation that forces technology businesses to do better, unless they’re operating in a regulated industry such as financial services, healthcare, transport such as maritime or some other form of critical infrastructure.

For all the others it really depends on their appetite for risk and the need to provide boards and/or customers with assurance that they’re suitably protected. The industry standard that is often relied upon is ISO/IEC 27001 as it explains how to implement a flexible information security program that includes e.g. asset management, risk management, program evaluation and incident management.

Most importantly, don’t forget about the Australian Privacy Act if you handle personal information (customers and/or employees). A structured information security program will help demonstrate you’ve taken reasonable steps to protect sensitive personal information including customer identity information and financial transactions which both represent sensitive personal information as defined in the Act.

Key legislation and standards:

Summary of expectations:

  • Identify information assets and sensitivities including sensitive personal information
  • Define your information security roles and responsibilities in policies
  • Implement controls to manage risk and protect information assets
  • Maintain an information security management system and continually improve
  • Notify relevant stakeholders such as the OAIC of significant information security incidents

How we can help:

Contact TrustyGate

Get in touch to arrange a demonstration, discuss complex requirements or provide feedback.

(03) 9036 9963
Suite 1613, 33 Rose Lane, Melbourne VIC 3000, Australia