Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search


NZCS supports mandatory disclosure of security breaches

NZCS supports mandatory disclosure of security breaches

PRESS RELEASE – NZ Computer Society Inc. (NZCS)
2 August 2011

The New Zealand Computer Society (NZCS) today welcomed the recommendation from the Law Commission for mandatory disclosure of serious security breaches.

NZCS Chief Executive Paul Matthews said today “The New Zealand Computer Society (NZCS) strongly supports the mandatory disclosure of serious security breaches and welcomes the recommendation from the Law Commission to finally put this in place in New Zealand”.

“One of the fundamental concepts of privacy is control of your own information. Being made aware of when this information falls into the wrong hands is essential”, Matthews said.

The Society recommends that staff with responsibility for security undergo security-specific training and certification and all staff with responsibility for projects or teams be accredited with the overarching IT Certified Professional (ITCP) Certification.

“While sometimes genuine mistakes do happen, all too often breaches are entirely avoidable and occur due to lax security and unqualified staff not following good practice”, Matthews said. “Businesses need to understand that if they don’t take security seriously it can have dramatic consequences both for their customers and their reputation”.

A big issue under the current law is that unless breaches become public through the media or other means, there’s no incentive for unethical companies to disclose major breaches especially where they’ve occurred due to lax security. In fact there’s a disincentive given the damage to reputation that can ensue.

“With mandatory reporting of serious security breaches we’re entering a new era”, Matthews said. “Some breaches will occur and undoubtedly some companies will be exposed. If these companies can’t show they’ve taken reasonable precautions such as insisting their providers are properly trained and certified, the cost will be high in reputation and dollar terms”, he said.

“However it’s more than just reporting. Albeit necessary, that’s the proverbial ambulance at the bottom of the cliff. IT companies need to be proactive in relation to security and privacy”, he said.

“To put it another way, in conjunction with mandatory reporting people need to stop saying ‘we were hacked’ and start saying ‘our approach to online security needs attention’”, Matthews concluded. “It’s time New Zealand companies got serious about security”.


© Scoop Media

Business Headlines | Sci-Tech Headlines


Stats NZ: Quarterly Inflation Rising Steadily Across The Board

Higher prices for transport and food have driven up inflation for the all households group in the June 2021 quarter, Stats NZ said today. The ‘all households group’ represents all private New Zealand-resident households... More>>

Stats NZ: Primary Products Push Exports To A New High

New Zealand exports reached a new high in June 2021, off the back of record export values for logs and beef, Stats NZ said today. In June 2021, the value of all goods exports rose... More>>

Energy: New Zealand Could Be World’s First Large-scale Producer Of Green Hydrogen

Contact Energy and Meridian Energy are seeking registrations of interest to develop the world’s largest green hydrogen plant. The plant has the potential to earn hundreds of millions in export revenue and help decarbonise economies both here and overseas... More>>

Statistics: Household Saving Falls In The March 2021 Quarter

Saving by New Zealanders in the March 2021 quarter fell to its lowest level in two years after rising sharply in 2020, Stats NZ said today. Increases in household spending outpaced income growth, leading to a decline in household saving from the elevated levels that prevailed throughout 2020... More>>