South African companies have been hit by several high-profile data breaches in the last year or two, but it was the recent Facebook event that really focused the minds of South Africans on the risks and obligations when dealing with clients’ personal information.
This is the view of Ahmore Burger-Smidt, partner at Werksmans Attorneys and co-author of the book A Commentary on the Protection of Personal Information Act, which was launched last week.
Even more recently insurance giant Liberty was held to ransom by malicious cyber-attackers who threatened to release “critical information” of “top clients”. Liberty refused to pay the ransom and seemed to have survived without major damage.
Burger-Smidt says that almost half of all cyber attacks in South Africa are malicious, roughly a quarter are the result of human error, and the balance are due to system failures.
She says quantifying the potential cost of a data breach should not only be viewed in terms of the cost of buying new encryption software, doing a bit of training or risk assessment.
Any data breach brings about both internal and external costs. Internal cost relates to the time it takes to get to the root…
