B&TB&TB&T
  • Advertising
  • Campaigns
  • Marketing
  • Media
  • Technology
  • Regulars
    • Agency Scorecards
    • Best of the Best
    • Campaigns of the Month
    • CMO Power List
    • CMOs to Watch
    • Culture Bites
    • Fast 10
    • New Business Winners
    • Spotlight on Sponsors
  • Jobs
  • Awards
    • 30 Under 30
    • B&T Awards
    • Cairns Crocodiles
    • Women In Media
    • Women Leading Tech
Search
Trending topics:
  • Cairns Crocodiles
  • Nine
  • Seven
  • Cannes Lions
  • State of Origin
  • NRL
  • WPP
  • Pinterest
  • Thinkerbell
  • B&T Women in Media
  • imaa
  • AFL
  • Anthony Albanese
  • Spotlight on Sponsors
  • AI
  • Meta
  • Foxtel
  • TV Ratings
  • Radio Ratings
  • Sports Marketing

  • About
  • Contact
  • Editorial Guidelines
  • Privacy
  • Terms
  • Advertise
© 2025 B&T. The Misfits Media Company Pty Ltd.
Reading: Creating A Culture Of Privacy Awareness
Share
B&TB&T
Subscribe
Search
  • Advertising
  • Campaigns
  • Marketing
  • Media
  • Technology
  • Regulars
    • Agency Scorecards
    • Best of the Best
    • Campaigns of the Month
    • CMO Power List
    • CMOs to Watch
    • Culture Bites
    • Fast 10
    • New Business Winners
    • Spotlight on Sponsors
  • Jobs
  • Awards
    • 30 Under 30
    • B&T Awards
    • Cairns Crocodiles
    • Women In Media
    • Women Leading Tech
Follow US
  • About
  • Contact
  • Editorial Guidelines
  • Privacy
  • Terms
  • Advertise
© 2025 B&T. The Misfits Media Company Pty Ltd.
B&T > Opinion > Creating A Culture Of Privacy Awareness
OpinionTechnology

Creating A Culture Of Privacy Awareness

Staff Writers
Published on: 7th May 2021 at 9:28 AM
Edited by Staff Writers
Share
7 Min Read
Anonymous hacker in front of his computer with red light wall backgroundAnonymous hacker in a black hoody with laptop in front of a code background with binary streams cyber security concept
SHARE

As Privacy Awareness Week closes, it’s important to reflect on what makes a data secure culture in the workplace. Here are five tips to create a culture of awareness in your workplace.

By Leana El-Hourani, head of governance, risk and compliance at IVE

Data is arguably the world’s most valuable commodity and protecting the privacy of that data is crucial to any business’ success.

More and more, we see news about the latest Cybersecurity incident that’s brought a company to its knees. Take just this week for example.

NSW Labour was hacked demanding a ransom within 240 hours. Uniting Care was cyber attacked by notorious ransom gang REvil/Sodin and insurance companies have hiked premiums by up to 30 per cent to counter cyber attacks.

That’s all during this week!

Privacy and data breaches are what keep CEOs and CIOs up at night, and rightly so. Having military grade systems in place is a necessity, and even then, there are no guarantees.

During Privacy Awareness Week, ask yourself the question, does your business have the resilience needed to survive when a cyber attack happens?

If the answer is no, or you’re not sure, here are some tips on how to create a culture of Privacy Awareness to prevent data breaches.

Align with partners that invest in the security of data

Look for certifications such as ISO 27001, PCI-DSS, IRAP and SOC2. Having certifications is a massive investment and demonstrates an organisation’s commitment to the protection of information.

It’s vital if you want to build trust with your customers—especially when they hand over their data to you every day.

Having certifications means the business must undergo regular scrutiny to meet the requirements of those standards, this requires an ongoing review of controls to ensure best practice processes and continuous improvements are in place, and with malicious actors becoming more sophisticated, it’s not an easy feat to achieve or maintain.

Organisations are also responsible for how third-parties use and collect personal information. The third-party should have policies on how they collect, store, use and share personal information.

Cyber incidents such as those that affected ASX-listed aged care operator Regis in August last year, Isentia in November, and more recently the entire UnitingCare Queensland internal IT system attacked by ransomware software, demonstrated that the cost of these incidents is profound with costs in the millions of dollars, damage to reputation and impact on customers.

Working with organisations who invest in certifications goes a long way in mitigating risks.

Educate your staff

With human error still a major cause of data breaches, ensuring that you have a meaningful and relevant awareness training program is essential.

We are all responsible for data security, from the operational floor, to the executive level, it is imperative that all parts of the business understand the obligations of the Privacy Act, and the Policies in place to protect your information.

From January to June 2020, the number of data breach notifications attributed to ransomware attacks increased by more than 150 per cent compared to the previous six months—increasing from 13 to 33.

As a result, simulated phishing attacks with appropriate reporting procedures are an excellent example of a strong security culture within an organisation. Thereby reducing the chances of fraudulent activity.

Ensure there’s a process for capturing when things will occasionally go wrong and learn from them.

Make the business resilient

Having a plan for when things go wrong is critical, as the recent pandemic events have taught us. Ensuring that a Business Continuity Plan is in place and tested regularly shows that a business is prepared for known risks.

COVID-19 meant that a privacy impact assessment was necessary to evaluate the impact of remote working, potential site closures, and reviewing suppliers to ensure that the privacy of information was still being maintained.

Get your teams involved in audits. By ensuring that your staff know what the auditors are looking for, they’ll value the importance of the policies and procedures in place and will be able to make them more effective and relevant to the business.

Do your due diligence and monitor any partners and vendors. If you don’t know what your third-party’s policies are, ask. This may prompt them to become more privacy aware.

Remember if a vendor or partner’s data is compromised, your data could be too!

Use risk language

Have a robust risk management process and ensure every team member knows how to identify and report a risk.

Risk management language such as mitigation, risk treatment plans and risk ratings should be spoken at every meeting. Risks should not just be discussed in the boardroom, but within all levels of the business.

Have a good Data Breach Policy

Ensuring that everyone understands what to do in the event of an incident is imperative, and not having one could have a disastrous effect on the business and impacted individuals.

A good data breach policy will provide step by step instructions and the tools to facilitate communication through the business.

No matter what an organisation does, there’s always the chance that something could go wrong. Focus on the five steps and watch your culture change.

Leana El-Hourani is IVE Group’s head of governance, risk and compliance.

Join more than 30,000 advertising industry experts
Get all the latest advertising and media news direct to your inbox from B&T.

No related posts.

TAGGED: IVE
Share
Staff Writers
By Staff Writers
Follow:
Staff Writers represent B&T's team of award-winning reporters. Here, you'll find articles crafted with industry experience spanning over 50 years. Our team of specialists brings together a wealth of knowledge and a commitment to delivering insightful, topical, and breaking news. With a deep understanding of advertising and media, our Staff Writers are dedicated to providing industry-leading analysis and reporting, both shaping the conversation and setting the benchmark for excellence.

Latest News

Rexona Goes Downstairs In Ballsy New Campaign Via Mindshare
15/07/2025
L-R: Nate Vella, Erin Fraser, Ori Gold.
Bench Media Makes Raft Of New Hires & Promotes Nate Vella & Erin Fraser
15/07/2025
James Curtis.
Ogilvy PR Wins Tourism New Zealand Account Following Competitive Pitch
15/07/2025
Kate Sheppard.
Fast 10: Kate Sheppard On How Creativity Flows Around A Lazy Susan
15/07/2025
//

B&T is Australia’s leading news publication magazine for the advertising, marketing, media and PR industries.

 

B&T is owned by parent company The Misfits Media Company Pty Ltd.

About B&T

  • About
  • Contact
  • Editorial Guidelines
  • Privacy
  • Terms
  • Advertise

Top Categories

  • Advertising
  • Campaigns
  • Marketing
  • Media
  • Opinion
  • Technology
  • TV Ratings

Sign Up for Our Newsletter



B&TB&T
Follow US
© 2025 B&T. The Misfits Media Company Pty Ltd. All Rights Reserved.
Welcome Back!

Sign in to your account

Register Lost your password?