Hit enter to search or ESC to close
15 September 2023
As cyberattacks increase in volume and sophistication, the Office of the Privacy Commissioner has called for businesses to introduce two-factor authentication to protect the information they hold.
Under the Privacy Act, a business needs to take 'reasonable steps' to protect the personal data they hold. What is deemed reasonable depends on the size of the organisation and scale and sensitivity of the personal information they hold. The Office of the Privacy Commissioner notes that two-factor authentication is a bare minimum it would expect from organisations that hold or share personal information digitally.
With two-factor authentication, a business requires two forms of digital identification, such as a password confirmed by a text message to an individual’s phone or email address. This introduces an extra verification step and layer of security between the data and potential hackers, helping to protect a company’s data, network and customer information.
Another important security measure is the use of long, strong and unique passwords. Weak passwords are a key vulnerability as cyberattackers can easily use software to ‘guess’ passwords, buy lists of passwords that are often sold online and access email addresses and passwords that are leaked online in data breaches.
Financial losses due to cybercrime are up 66 percent to almost $6 million in the first quarter of 2023, according to a recent report from CERT NZ. Maintaining good cyber security is key and businesses and individuals need to make sure they are doing everything they can to keep their information safe.
As cyber insurance experts, we work with you to understand and manage your exposure to potential cyber risks and arrange the appropriate cyber cover. For more information please contact your Crombie Lockwood broker.