Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.
  • 5 February 2018 10:14

Centrify calls on security rethink for new data breach law

As Australia’s Notifiable Data Breach law takes effect this month, Centrify calls on businesses to deploy Zero Trust security to avoid becoming “sitting ducks”

Centrify, delivering Zero Trust Security through the power of Next-Gen Access, warns that many Australian businesses need to rethink their approach to security to prepare for the new mandatory data breach notification law taking effect this month.

The Privacy Amendment (Notifiable Data Breaches) Act 2017 enacts the Notifiable Data Breaches (NDB) scheme in Australia from February 22 this year. The NDB scheme mandates that organisations suffering lost or breached data must notify affected customers as soon as they become aware of the breach and also report the incident to the Privacy Commissioner.

The legislation covers information such as personal details, credit reports, credit eligibility details, and tax file number (TFN) records held by organisations including Australian Government agencies, businesses and not-for-profit organisations with an annual turnover of $3 million or more, credit reporting bodies, health service providers, and TFN recipients, among others. Penalties range from fines of $360,000 for individuals to $1.8 million for organisations.

Centrify Senior Director APAC Sales Niall King said many businesses were security “sitting ducks” because their defences were out of date. “Today, businesses use a combination of cloud, on-premises and mobile services, which means traditional perimeter-based security is no longer effective,” he said.

“This is evident from research such as the Verizon’s 2017 Data Breach Investigations Report (DBIR) which revealed that compromised identities were responsible for 81 per cent of all data breaches.

“Centrify believes that companies need to adopt a Zero Trust security model which centres on the concept that users inside a network are no more trustworthy than users outside the network.”

Mr King said Centrify-sponsored research in Australia, conducted by Ponemon Institute, revealed that publicised data breaches damaged both corporate value and customer trust. “This study shows that many companies underestimate the true impact of a data breach,” he said.

“Ponemon found the stock value index of 113 randomly selected global companies declined by an average of five per cent on the day a data breach was disclosed and experienced a customer churn rate of as much as seven per cent. Also, one third of Australian consumers impacted by a data breach reported they had discontinued their relationship with the organisation that experienced the breach.

“This is a vital lesson for organisations to learn as Australia law mandates data breach disclosures.”

Mr King said companies needed to re-evaluate their entire security posture from the ground up, by focusing on protecting identities rather than the network perimeter. “The solution is available,” he said.

“Through a unified, integrated solutions offering, Centrify provides identity services for all users across applications, endpoints and infrastructure, allowing organisations to implement Identity-as-a-Service (IDaaS), single sign-on (SSO), multi-factor authentication (MFA), enterprise mobility management (EMM), privileged access management (PAM) and User Behavior Analytics (UBA) technologies.

“This identity-centric rethink of security can directly address the more than 80 per cent of data breaches that arise from compromised identities, which dramatically reduces the risk of having to report a data breach.”

For more on how you can implement Centrify Identity Services, click here. For media assistance in Australia and New Zealand, call John Harris on +61 8 8431 4000 or email

About Centrify Centrify delivers Zero Trust Security through the power of Next-Gen Access. Centrify verifies every user, validates their device and limits the amount of access and privilege to resources while continually learning & adapting. Centrify Next-Gen Access is the only industry-recognised solution that uniquely converges Identity-as-a-Service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM.) Over 5,000 worldwide organisations, including over half the Fortune 100 in the US, trust Centrify to proactively secure their businesses.

### Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Services are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.

Submit a media release