Following Mako’s recent announcement of our new agreement with Telstra, I thought it might be useful to take a closer look at the security landscape in Australia, some recent fraud trends, and overall take a deeper dive to see what the current market conditions are like.
Like many western nations, Australia supports a vibrant and modern economy that relies heavily on card transactions as part of everyday commerce. Cash is generally considered a secondary means of payment; most Australians will simply pull out their EFTPOS card (similar to a debit card in America) for even small purchases.
This reliance on electronic transaction processing means that even greater emphasis must be placed on securing customer data; with more cards in circulation and use, the greater their value to fraudsters. While the population of Australia is not nearly so great as the US or UK, it does present an attractive target. And we’ve seen that borne out in plenty of reports about card fraud incidents and attacks.
The total amount of card fraud in Australia for 2013 reached some $280 million according to the Australian Payments Clearing Association. This total is part of a six-year general rise in card fraud rates, which the Australian Institute of Criminology found to be an area of particular concern as other general crime rates in the country fell.
But aside from the criminal aspects of card fraud, these security breach events have significant financial impacts on the companies involved. In its 2014 Cost of a Data Breach study, the Ponemon Institute found the total average cost paid by a breached Australian company grew to $2.8 million per event. This was the fifth consecutive year that data breach costs had increased. Meanwhile, the same study also found that the probability of a material data breach happening to an Australian business over the next two years involving a minimum of 10,000 records is nearly 18 percent.
Retail businesses have the highest probability of a breach at 21.3 percent.
Amidst the rising threat of more and costly data breaches, the Australian Government is ratcheting up its stance on security and personal information. From March this year, revisions to the Australian Privacy Act have increased the penalties that can be levied against organizations that lose personal data (including financial data). The Australian Information Commissioner has the power to prosecute for serious or repeated breaches, with financial penalties of up to $1.7 million for corporations.
In addition, the Australian government is also contemplating a mandatory data breach disclosure law (as is found in many other countries) that would compel organizations to notify the public of any serious security incidents.
In short: now is the time for Australian businesses to consider their security preparedness as part of an overall risk-reduction strategy. It’s become simply impossible to claim that it simply won’t happen—card fraud is a real and growing threat in Australia, and only through action can its effects be mitigated.
Contact us to learn more about how Mako can help secure your business and reduce the risk of a serious data breach event.