Parliament House’s computer systems host vital documents relating to Australia’s national security. So you’d expect it to have one of the most secure document and cyber security processes in Australia.
Recently, though, that turned out not to be the case. A breach by security and defence contractor, BAE Systems Australia, resulted in a 1000-page manual on the security upgrade to Parliament House going missing. The security manual could have ended up in the hands of anybody. (If you want to know more about the security breach, read the article here: http://www.sbs.com.au/news/article/2017/10/25/defence-queries-bae-post-parly-manual-loss)
A government security manual going missing in a security breach might sound like something out of a comedy spoof, but it’s not funny when you consider that BAE Systems Australia is entrusted with highly classified military projects. It’s even on the shortlist to win a $35 billion Navy frigates contract! And what makes the security breach even worse is that parliamentary officials were not informed about it until three months after it occurred.
As soon as something goes wrong, security companies should be informing their customers immediately so it can be dealt with accordingly. Leaving the problem for any amount of time can worsen the effects. Problems need to be sorted out as quickly as possible.
Fortunately, new legislation coming into effect in February 2018 – the Privacy Amendment (Notifiable Data Breaches) Act – means that the Australian Commissioner will need to be informed of any security breaches that occur from that date.
Despite the recent breach, Parliament House is not reviewing its contract with BAE Systems Australia because it occurred in a non-defence part of the company’s business. However, this breach must surely have reduced Parliament House’s confidence in their IT supplier.
A spokesperson for BAE Systems Australia told the media: “Following identification of the security incident, we conducted a thorough investigation and are confident that we have the processes and procedures in place to avoid the possibility of an incident of this nature happening in the future.”
Would you trust a company to handle your security if it lost a confidential document?
What if this happened in your business?
Your system may not contain documents relating to national security, but you are still storing information that’s vital to your business. Your documents most likely include confidential information, such as your customers’ contact details and your company costings, salaries and profits. You no doubt have documents relating to future plans to grow your business or to develop new products or systems to gain competitive advantage. What would the impact on your business be if you had a security breach? It would affect your reputation in the market-place as well as, potentially, the bottom line of your business. Would your customers trust you with their information again?
How Correct Solutions can help
Are you concerned that what happened to Parliament House could happen to your business? Get in touch with us if you want to know more about security solutions, and how to improve your data security and document loss prevention processes, to ensure something like this doesn’t happen to your business.
Contact one of the team on 1300 267 765 if you want to know more.