by Jennifer O'Brien

BSA urges vigilance as data breach laws loom large

Mar 08, 2018
Business ContinuityComplianceData Center

There were a record number of cases of unlicensed software settled in 2017, a figure that doubled from the previous year, BSA said on Thursday.

In 2017, BSA settled over $AU347,000 worth in damages across 28 cases for the use of unlicensed software from businesses around Australia and is warning businesses to be vigilant about data safety.

The largest settlement involved a Western Australia-based energy company which was found to be using unlicensed software and settled for over AU$40,000. Each business caught using unlicensed software was required to purchase genuine software licenses for its ongoing use, in addition to paying the copyright infringement damages.

On the back of this record year and with the federal government’s Notifiable Data Breach (NDB) legislation recently enacted, the BSA is concerned that businesses aren’t doing all they can to protect their customers’ data.

At the same time, BSA is urging businesses to consider the safety of their customers’ data before installing invalid licenses, and reminding businesses of increased cybersecurity risks associated with unlicensed software.

“Businesses need to remember that unlicensed software, or software downloaded from an unknown source, may contain malware which puts an organisation and its customers at significant risk of becoming the victim of a data breach,” BSA APAC director of compliance programs, Gary Gan, said in a statement.

“And without properly licensed software, organisations don’t receive patch updates which strengthen the software’s security and address vulnerabilities, which otherwise would leave the business exposed.”

The new NDB legislation requires that an organisation with an annual turnover of $AU3M or more declare if it has been the victim of a data breach.

The organisation is required to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm, as well as notify the Australian Information Commissioner.

“It’s especially important that organisations are ensuring they’re doing all they can to protect their data given the recent introduction of NDB legislation. In order to stay on top of their software licensing, businesses should consider investing in SAM tools. The potential consequences faced by businesses that are found to be using unlicensed software far outweighs the cost of investment into SAM, something that all businesses should be considering,” Gan said.