As cyberattacks increase in volume and sophistication, the Office of the Privacy Commissioner has called for businesses to introduce two-factor authentication to protect the information they hold.
Under the Privacy Act, a business needs to take reasonable steps to protect the personal data they hold. What is deemed reasonable depends on the size of the organisation and scale and sensitivity of the personal information they hold. The Office of the Privacy Commissioner notes that two-factor authentication is a bare minimum it would expect from organisations that hold or share personal information digitally.
Two-step protection
With two-factor authentication, a business requires two forms of digital identification, such as a password confirmed by a text message to an individual’s phone or email address. This introduces an extra verification step and layer of security between the data and potential hackers, helping to protect a company’s data, network and customer information.
Another important security measure is the use of long, strong and unique passwords. Weak passwords are a key vulnerability as cyberattackers can easily use software to ‘guess’ passwords, buy lists of passwords that are often sold online and access email addresses and passwords that are leaked online in data breaches.
Financial losses due to cybercrime are up 66 percent to almost $6 million in the first quarter of 2023, according to CERT NZ*. Maintaining good cyber security is key and businesses and individuals need to make sure they are doing everything they can to keep their information safe.
How Gallagher can help
As cyber insurance experts, we work with you to understand and manage your exposure to potential cyber risks and arrange the appropriate cyber cover. For more information please contact your Gallagher broker.
*CERT NZ’s Quarter One Cyber Security Insights 2023
0800 276 624
ajg.co.nz
Disclaimer
The views expressed in this content are those of the author, who is also responsible for any errors and omissions. Family Business Association provides this article for your information only. The content of the article should not be taken as advice. If you wish to explore this topic, please consult an advisor who you consider to have the expertise to provide specific advice in relation to your family business.