Company: No Laws, No Fines, No Change
DATA PROTECTION—AUSTRALIAOctober 27, 2011
According to Verizon Global Security Services Director Jonathan Nguyen-Duy, Australia needs breach notification laws in order to keep its reputation as a leader in information security. Noting that major changes only happened in the U.S. when companies were fined for contravening the Payment Card Industry (PCI) Digital Security Standards, Nguyen-Duy told ZDNet Australia that there's little incentive for Australian organizations to fess up about breaches. "Data breaches have doubled, but there have been no fines, no levies against PCI compliance," he said. Despite the risks, Nguyen-Duy said, "in 92 percent of cases, simple to intermediate controls would have detected and prevented the breach."