MEDIA RELEASE                                                                                                                                         For immediate release

Vital lessons from the US on ‘breach fatigue’ and consumer safety

29 September 2016

There are only 19 days until AISA’s premiere networking event for information and cyber security professionals. 

Andre McGregor, Director of Security at Tanium, is one keynote speaker not to be missed at this year’s conference. A former FBI Cyber Special agent and current technical consultant to the award-winning TV show Mr. Robota drama about the life of Elliot Alderson, cyber security engineer by day and vigilante hacktivist by night, McGregor will take us through the US experience of fighting against breach fatigue. 

Breach fatigue is the idea that as consumers are increasingly confronted with security incidents – whether directly or indirectly through news – the less likely they are to proactively protect themselves or take action against the companies at fault for exposing. What’s worse is that cyber first responders on the ground and senior executives at the top are also fatigued. Everyone is overburdened with data breaches in the headlines.

 “During my time at the FBI, too often I walked into the largest organisations where panic outweighed rational thought. Years later while at Tanium, the explosion of data breach headlines has converted panic into complacency. It is important for all of us to fight through this, whether we are the consumers or the responders," says Mr McGregor.

In Australia data breaches have gone relatively unchecked, but as Australia enters a new era of Mandatory Data Breach Notification (MDBN), due to come into effect before the end of the year, the US experience will prove to be a valuable lesson for cyber security professionals in Australia endeavouring to prevent breach fatigue.

It is vital that organisations dealing with personal information have strategies in place to immediately notify affected users if and when a data breach occurs while arming their incident responders with the right tools and mental preparation for when it takes place. 

Arno Brok, CEO of AISA, says a mandatory data breach notification law will encourage businesses to protect themselves and their customers from significant financial and reputation losses. 

“We can learn from other countries that have implemented MDBN to ensure we do not create the glut of data breach notifications that has adverse effects and further erodes the trust we have in the internet and all its usages,” says Mr Brok.

Andre McGregor, Director of Security at Tanium is speaking on day 2 of the conference (Thursday 20 October 11:45am-12:30).


Media contacts: 
Arno Brok, CEO M: 0404 885 373 E: arno.brok@aisa.org.au 
Ellice Mol, Communications Manager P: (02) 8076 6012 E: media@aisa.org.au 
W: www.aisa.org.au/2016AISANationalConference

About the Australian Information Security Association (AISA)

The Australian Information Security Association (AISA) is the peak body for information and cyber security professionals. AISA champions the development of a robust information security sector by building the capacity of professionals in Australia and advancing the cyber security and safety of the Australian public as well as businesses and governments in Australia.

About the National Conference

This year’s AISA National Conference (18-20 October 2016), at the Four Points Hotel, Darling Harbour is themed: Cyber Security "Do we have IT right?