2017 has been dubbed a ‘challenging year’ for Governments and private enterprise when it comes to cyber security across the globe. This isn’t much of a surprise with 2016 ending on a low note with major hacks to Government entities and private enterprise across Europe, the United States and Japan during November.
In Australia, we continue to see an increased focus on data security because of ongoing breaches. ASIC has highlighted that ‘the dynamic nature of the cyber threat landscape means that a comprehensive and long-term commitment to cyber resilience must be embedded within organisations’ culture’.
Also, during February 2017, mandatory data breach notification laws passed the Australian Parliament. These laws will require organisations to reveal if their systems are compromised by cyber-attacks or technical failings. The new laws will impact businesses with over $3 million in turnover, smaller firms that handle sensitive data and most government agencies. Link HERE TO Website News Page
In light of these developments AMSRO’s focus on raising awareness and increasing the understanding of risk across the areas of communication security, operations security, people security and IT Assets security is an important step to ensuring that market research industry participants remain vigilant and on the front foot when it comes to privacy and security.
As well as meeting the requirements of the Market & Social Research Privacy Code and the AMSRS Code of Professional Behaviour, and holding the International Standard for Market, Opinion and Social Research certification (ISO 20252), CRNRSTONE is continually implementing new measures that address client concerns and requirements about online security and privacy.
The measures we have implemented –
- The development of a comprehensive Security Policy that details rules, roles and procedures to ensure that all staff understand that data privacy and security is of the highest priority. Issues include handling procedures, usage, privacy, social media, user responsibility and more.
- Providing staff with a cyber security checklist to ensure ongoing compliance with best practice policies and procedures.
- Engaging IT security specialists to develop procedures and protocols that satisfy the needs of large corporate and government clients.
- Regularly monitoring and auditing our security procedures to meet developing cyber threats.
- Keeping up to date with domestic and international cyber threat news and updates.
- Ensuring that insurance and the physical security of our premises is a priority.
As described by The 2017 Insights from The Global State of Information Security Survey, “threat management is an advanced discipline that requires a chess master’s skills in strategic and analytical thought”.
While the market research industry takes the protection of sensitive client and panel member data seriously, it is important to regularly question whether we can do more to ensure that the that the information and content, which we create, receive and process and the technology we use to handle information, are secure and protected from unauthorised access, disclosure and compromise.
Rigour in Data Protection and IT Security has resulted in CRNRSTONE, formerly Stable Research, being accredited by major Australian banks and financial institutions as part of their compliance measures when signing up suppliers to Master Services Agreements.
Feel free to use our Checklist to assess your cyber security.