Menu
Data breach notification laws in NZ: how can partners prepare?

Data breach notification laws in NZ: how can partners prepare?

Cyber health of a nation now coming under question

L-R: Lewis Holden (Cogent); Matthew Lord (Dimension Data); Karl Thomson (StorageCraft); Phil Martin (SAS IT); Hayley Dack (DNA Connect); Mark Ellis (Datacom); Stuart Speers (Enterprise IT); Neil Cresswell (Emerging Technology Partners); James Henderson (Reseller News); Gerhard Nagele (Vodafone); Greg Mikkelsen (SecureCom); Ben Tan (BT Cyber); Christian Derrington (Umbrellar) and Stuart Preston (Splunk)

L-R: Lewis Holden (Cogent); Matthew Lord (Dimension Data); Karl Thomson (StorageCraft); Phil Martin (SAS IT); Hayley Dack (DNA Connect); Mark Ellis (Datacom); Stuart Speers (Enterprise IT); Neil Cresswell (Emerging Technology Partners); James Henderson (Reseller News); Gerhard Nagele (Vodafone); Greg Mikkelsen (SecureCom); Ben Tan (BT Cyber); Christian Derrington (Umbrellar) and Stuart Preston (Splunk)

Credit: Gino Demeer

With the data breach notification laws expected to become reality in New Zealand, the security practices and policies of Kiwi organisations are coming under the spotlight.

Because as the legislation looms large, the cyber health of a nation is coming under question.

Irrespective of legalities however, businesses today remain unprepared to handle the requirements of security, creating a need for external guidance and advice.

But is the channel ready to capitalise?

As reported by Reseller News, New Zealand’s new data breach notification laws carry sharp penalties for organisations that are found not to be properly compliant with them - individuals can expect fines of up to $100,000, and body corporates can expect penalties of as much as $1 million.

These laws follow similarly strict laws adopted in overseas markets, such as the recently-enacted GDPR requirements in the European Union.

However, just as over half the companies throughout Europe are not properly compliant despite the risks, even past the deadline, so too are New Zealand organisations of all sizes scrambling to catch up with the local laws.

Consequently, vendors and channel partners alike now find customers in urgent need of both guidance and technology solutions to mitigate against this potentially business-ending level of risk.

Lewis Holden (Cogent); Karl Thomson (StorageCraft) and Phil Martin (SAS IT)Credit: Gino Demeer
Lewis Holden (Cogent); Karl Thomson (StorageCraft) and Phil Martin (SAS IT)

“This legislation means that a small business in New Zealand can effectively go bust just because they’re breached,” said Lewis Holden, general manager of Cogent. “You’ve got to remember that 95 per cent of the local market is made up of small businesses.

“It’s an incredibly competitive space, with plenty of others that will fill the gap when one of them goes down. They can’t afford those kinds of fines.”

Learning the law

Threatening though the laws may be, they’re also reasonable, according to SecureCom director, Greg Mikkelsen said.

For Mikkelsen, when assessing the high-profile breaches occurring in the market during recent years - think Equifax, Facebook and Cambridge Analytica controversies - it’s understandable to see why New Zealand must also develop a strong framework for handling data security and privacy.

This in turn offers an opportunity for the local business community to realign itself behind data security.

“I think that if these laws came at an earlier point in time people would have seen it as a solution looking for a problem,” Mikkelsen said.

“People are realising what’s at stake far more than before, and that it’s an issue that has to be dealt with. The legislation will just sharpen individuals and organisations up to realise that they do have some personal responsibility in this area.”

Locally speaking, Mikkelsen said the challenge that businesses face centres around a “lack of genuine understanding” at the executive layer about what is involved in becoming – and maintaining – compliant.

Greg Mikkelsen (SecureCom)Credit: Gino Demeer
Greg Mikkelsen (SecureCom)

“Very few senior executives in New Zealand come from an IT background,” Mikkelsen said. “So, when you’re trying to explain risk from an IT perspective, and what’s involved in addressing that risk, it’s challenging to properly articulate it to such leaders.

“On occasions, you can be trying to teach them things that they have no basic comprehension of. As a technology provider, you can’t go back and teach them 20 years of IT knowledge around switches, routers, firewalls, data security, and so on.”

Instead, partners must highlight examples such as Equifax, and the extent of damage that a data breach can have, both to the company and the executive team themselves.

“Equifax had 47 million records breached, and didn’t tell anyone for months afterwards,” Mikkelsen added. “Now the company is facing massive costs, the CEO is gone, half of the board of directors is gone, the CIO and CTO are gone also.”

As a result, it’s important to drive home the executive’s role in managing the technology risk profile of their company because, according to Mikkelsen, that awareness is just not there yet.

“I’m still not seeing any connection between a director’s sense of responsibility, their knowledge and understanding around IT, risk and security, and their interest in engaging with companies like us who are providing services in an IT world,” Mikkelsen added.

Such a disconnect is widely expected to change however, as business leaders begin to realise that they don’t need to have a breach of the scale of Equifax for the organisation to be exposed.

In time, businesses will naturally look to their suppliers to develop and execute solutions to manage the risk profile.

Read more on the next page...


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Datacomstoragecraftsplunkdimension dataCogententerprise ITsecurecomSAS ITUmbrellarEmerging Technology Partners

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments