Better Business Technology

New data breach notification rules warning for business leaders

BUSINESS owners and leaders will have to count extra cyber security and data breach contingency plans as part and parcel of everyday business from now on, with the recent passing of the Federal Government’s Privacy Amendment (Notifiable Data Breaches) Bill 2016.

The Bill further enshrines Australian Privacy Principle 11, which requires all Australian entities to take reasonable steps to secure personal information they hold.

According to the ACS, the professional association for Australia’s ICT sector, the legislation will produce a heightened focus within the public and private sectors on all aspects of cybersecurity. 

The ACS said for ICT professionals, the Bill gives overdue recognition to the importance of data in the digital economy and the potential for serious harm where, through accident, malfeasance or cyber attack, a data breach occurs.

“As we transition to a digital economy, now more than ever the focus must be on ensuring Australia captures the opportunities of the information age, while protecting the rights of the individual,” ACS president Anthony Wong said. “This legislation will be a critical step forward in the elevation of data protection and cybersecurity issues on the C-suite agenda.

“In an era of Big Data, the protection and privacy of personal information must be a primary consideration in the planning and construction of large scale ICT systems, not an afterthought.

“Given the growing problem of cyber crime, the ACS strongly supports initiatives which demand both the public and private sectors act to prevent cyber threats and address their consequences.

“Over and above the specific legal mechanisms of the new Act, the ACS believes it will give issues concerning data protection and cybersecurity a new level of transparency, lifting overall awareness of cyber safety, how to mitigate risk and ultimately providing better protection for individual citizens. While nothing is ever 100 per cent secure, the Act promises to give Australians who provide personal information to government and business greater confidence,” Mr Wong said.

“To deliver on the promise of this new legislation it is critical to recognise that cybersecurity is a collective responsibility, relevant at all levels of an organisation.

“The ACS looks forward to working with government and industry on best practice approaches to ICT security systems and protocols and the education and training of ICT professionals to meet both the spirit and the letter of the new legislative requirements.”

Mr Wong said the ACS had for many years been a vocal advocate of regulation mandating data breach notification and strongly endorsed the guiding purpose of the Bill, “to allow individuals to take steps to protect themselves from a likely risk of serious harm resulting from a data breach”.



Making 3D maps: 2016 GovHack winners announced

WINNER of the No Boundaries Data Hack category in the 2016 GovHack Red Carpet Awards, Legends of Tomorrow, could open up new possibilities for predicting Australia’s regional futures.

Legends of Tomorrow, developed by the Shape the future team from Victoria, used a range of government population, environment and weather data to project the future of neighbourhoods, including population, cultural backgrounds, environment including vegetation and waterways,  and potential future climate conditions. 

The 2016 GovHack Red Carpet Awards were held in Adelaide on October 22. The event is backed by Geoscience Australia and entrants to use government data from multiple states and territories to unlock the value of data across borders..

The winner of the Geoscience Australia's Exploring Underground bounty prize was a 3D printed geophysical data model, created by Victoria's Petrified Data team. Using a series of 2D geoscience datasets from Geoscience Australia, the team created a series of hand-painted 3D printed models including a cool-looking 3D map of geothermal temperatures across the Australian continent.

Geoscience Australia judges also gave a mention to the On Earth, We are On Earth team’s Flood Watch entry which aimed to use datasets published by Geoscience Australia and the Bureau of Meteorology to develop a real-time flood warning app.

GovHack is a three day ‘hackathon’ that sees teams from across Australia and New Zealand compete to develop new applications using open government data. The volunteer-run event is sponsored by large technology companies, several government departments and a range of high-visibility start-ups and innovators.

As part of its contribution to the 2016 competition, Geoscience Australia offered key datasets and sponsored the Exploring Underground bounty prize. Together with PSMA Australia, Geoscience co-sponsored the Major GovHack prize for the best No Boundaries Data Hack. Both prizes were presented at the awards ceremony by the Assistant Minister for Industry, Innovation and Science, Craig Laundy.

Geoscience Australia encourages use of its data for real-world outcomes, and helping people to engage in, understand and use scientific information in their everyday lives. As the national geoscience agency, it holds a vast range of geoscientific and geographic data that supports the management of Australia's precious water resources, hazard modelling for safer communities, exploration for mineral and petroleum resources, as well as helping to manage Australia's maritime jurisdictions.


Eight technologies essential for business to understand – PwC

TECHNOLOGICAL change is happening as such a pace that business leaders can rarely keep pace – yet they must do so in order to make vital decisions on company futures.

Global advisory firm PwC has prepared a report on the ‘megatrends’ of technological breakthroughs and identified eight essential aspects business leaders must get their head around.

For its report, Tech breakthroughs megatrend, PwC evaluated more than 150 technologies globally and developed a methodology for identifying those which were most pertinent to individual companies and whole industries. 

The result is a guide to the ‘Essential Eight’ technologies PwC advisors believe will be the most influential on businesses worldwide in the very near future: artificial intelligence,  augmented reality, blockchain, drones, the internet of things (IoT), robots, virtual reality and 3D printing.

The specific technologies that will have the biggest impact on each industry will vary, but PwC believes the list of eight comprises technologies with the most cross-industry and global impact over the coming years.

To arrive at the Essential Eight, PwC filtered technologies based on business impact and commercial viability over the next five to seven years – shortened to three-to-five years in developed economies.

The specific criteria included a technology’s relevance to companies and industries; global reach; technical viability, including the potential to become mainstream; market size and growth potential; and the pace of public and private investment.

“Most companies have laid a foundation for emerging technology, investing in areas such as social, mobile, analytics and cloud,” PwC’s global new business leader, Vicki Huff Eckert said.

“Now it’s time for executives to take a broader view of more advanced technologies that will have a greater impact on the business.”


Ms Huff Eckert said companies continually waited for the “next big thing,” believing that a particular technology trend either would not amount to much, or that it would not affect their industries for years to come.

However, she said, disruption is happening today at a faster rate and higher volume than ever before.

“Innovations throughout history have tipped the balance in favour of the innovators. In that sense, technological breakthroughs are the original megatrend,” she said.

“The ubiquity of technology, with increased accessibility, reach, depth, and impact are what will expedite adoption of the Essential Eight.”

PwC believes the Essential Eight technologies will shake up companies’ business models in both beneficial and quite challenging ways. Across industries and regions, the emerging technology megatrend will influence strategy, customer engagement, operations and compliance.

As a result, the report outlines, leadership teams should find effective answers to three fundamental questions:

Do we have a sustainable innovation strategy and process?

Have we quantified the impact of new technologies? If not, how can we do that—and how soon?

Do we have an emerging-technologies road map? If so, are we keeping it up to date?

According to PwC’s report, executives should not treat the Essential Eight technologies as a sort of checklist to delegate to the chief information officer (CIO) or chief technology officer (CTO).

Rather, exploring and quantifying emerging technologies — and planning for them — should be a core part of a company’s corporate strategy, involving all levels.

Ms Ms Huff Eckert said before developing an innovation strategy and exploring and quantifying emerging technologies, executives “should educate – or re-familiarise – themselves with these technologies and what they can do”.



Digital Marketplace platform should make it easier for businesses to work with government

THE Assistant Minister for Cities and Digital Transformation, Angus Taylor has launched a Digital Marketplace platform, which aims to make it easier for businesses to work with the Federal Government on technology projects.

Mr Taylor said the Digital Marketplace would provide "a richer and simpler environment for technology procurement and for businesses to provide specialist digital services to government".

"Government buyers can now publish briefs for requirements, suppliers can respond to those briefs and two-way collaboration can take place," Mr Taylor said. 

In March this year, the Digital Transformation Office ran an open tender process asking businesses to join a Digital Service Professionals panel. 
"As a result of this process, more than 220 digital service professionals can now be discovered on the Digital Marketplace," Mr Taylor said.
He said the Marketplace was simplifying what had been a bureaucratic process for businesses to access government technology work.
“This is an important change in the way government has traditionally done business. It’s a new platform for businesses and government to work together in a creative and flexible way.
"I congratulate the Digital Transformation Office on delivering the Beta product well ahead of schedule.”
Assistant Minister Taylor encouraged SMEs as well as start-ups to get on board.
Another feature of the Marketplace will be to allow government buyers to launch challenges to solve digital business problems and for suppliers to pitch creative ideas to solve these problems. This will allow government to create blue sky thinking opportunities, giving businesses the chance to develop innovative digital solutions for government.
The Digital Marketplace will also use analytics, allowing buyers and sellers to be rated on performance and the process and outcomes to be continually improved. It is an example of simpler, clearer and faster public services that will benefit businesses and the whole community, Mr Taylor said.
The Digital Transformation Office is developing the Digital Marketplace as part of the Government’s National Innovation and Science Agenda.
Businesses seeking further information on the Digital Marketplace can e-mail This email address is being protected from spambots. You need JavaScript enabled to view it.

Hackers beat businesses by ‘default’

RECENT cases of computer hackers gaining access to, and exploiting, sensitive business systems by discovering ‘default’ passwords are a chilling development, according to Surety IT technology director Geoff Stewart.

“I’ve heard some horror stories about devices being hacked that had default passwords on them but none as bad as the one I heard last week,” Mr Stewart said. “It has always been best practice to change default passwords on all computing devices to secure them and make them less likely to be hacked.

“A colleague who works in the manufacturing industry made a bee-line for me at an event when he saw me to get my advice.  He told me that their phone system had been hacked and they were being billed for over $40,000 by their telco in call charges.” 

After hours on a Friday the hackers called every direct number in the business and tried the usual default password for a phone system extension ‘0000’ and tried to get access to the admin/set-up of that extension.  When they found an extension with a default password they diverted the phone to a foreign premium rate number, which belonged to them, and set-up an autodial to continuously call the number. On Monday morning, before hours, the hackers logged back in and removed the divert.

Employees came into work on the Monday and were totally oblivious to what had been going on over the weekend. 

“It was only when they got a call from their telco who said about the suspicious number of calls to the foreign number that they knew something had happened,” Mr Stewart said. “The telco asked did they want to block foreign call-outs and the business said ‘yes’. 

“There was no indication at this stage that the system had been hacked.  For whatever reason the hackers were able to still make foreign calls on the extension and the overall damage in phone charges was over $40k.”

Mr Stewart advised businesses to immediately change default username and passwords for all network connected devices.

“This is becoming more and more of a risk with the Internet of Things and also why doesn’t Telstra have something in place that will spot patterns of suspicious behavior and put a block on it temporarily until the owner can confirm that it is legitimate, a bit like banks and credit cards?” he asked.

“The business in question reported the incident to ACORN and the telecommunications ombudsman but as yet neither have been of much help, so they not sure what to do next.”

Mr Stewart said he heard the very next day of a very similar incident happening to another business, with the same outcome, “a bill of $5k from their telco from a hacked phone system”.

Surety IT has developed a checklist for business leaders to protect phone networks and head off phone hackers:

  • Read your contract and know what you’ve signed up for.
  • Find out from you provider what kind of fraud protection it offers.  If it doesn’t offer any, it’s probably best to move on.
  • Make sure your PBX is sitting behind a firewall.
  • Make sure every user on the phone network uses a complex password, if possible.
  • Tell you provider to switch off international calls, if you don’t need them.
  • Consider placing limits with your provider on the dollar amount you’re willing to have spent each day on international calls.
  • Create a whitelist of IP addresses that are allowed to make phone calls.

Best password policies for devices:

  • If you can, change the default username to something different.
  • Don’t use a shared administrator password across devices.
  • Make your device passwords strong with a minimum of 9 characters.
  • If you can use passphrases instead of passwords.
  • Store the passwords securely.
  • If you are in any doubt, contact your trusted IT partner.


About Geoff Stewart

Geoff Stewart is a highly experienced and skilled technology director at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.


Surety IT warns on vicious new ransomware

COMPUTER and internet security specialists Surety IT are warning of sophisticated new ransomware coming through internet channels that have caught many companies out – and cost them a lot of money in make-goods.

Ransomware is a type of malware that blocks access to computer files and forces the user to pay a ransom in order to release them, according to Surety IT technology director Geoff Stewart. 

Mr Stewart said the FBI is investigating a particularly nasty version of ransomware known as Samas that attempts to encrypt files on computers across an entire network, rather than just individual computers.

“As reported by Reuters, the FBI has warned businesses that the group behind Samas was utilising an automatic tool to find servers using an out of date version of popular software,” Mr Stewart said.

“They would then take advantage of a weakness in the software to install the ransomware remotely on computers connected to the network. The ransomware is also thought to delete backup files.

“Computer users are advised not to click on links or open attachments in uninvited or unexpected emails and be wary about the websites they visit as security researchers identify hazardous new versions of ransomware,” Mr Stewart said.

“They should keep regular backups of important files and store the backups in a location away from a network.”

Mr Stewart said he had also come across an attack system recently known as Petya. It is an email with a link to an infected file claiming to be a resume.

“Once downloaded and implemented, the malware crashes Windows and overwrites systems on the computer,” Mr Stewart said. “A payment is demanded upon reboot.  The ransom amount is doubled if the user does not pay by the deadline set by the criminals.

“If your computer has been infected by ransomware, you should update your system and restore the affected files from backup.  I would suggest seeking technical advice if you are unsure about the next steps.

“I don’t recommend paying any ransom demanded to decrypt files. There is no guarantee the attackers will give you a working decryption tool, and you are also not protected against future attacks.”

Mr Stewart said affected businesses should also change all passwords and usernames on all computers, choosing strong passwords. 

Surety IT is an Industry Expert member of Queensland Leaders, Victorian Leaders and NSW Leaders, the organisations helping to foster the next generation of leading Australian companies.


Nuance solutions help ATO and Jetstar win customer service awards

NUANCE Communications customers Jetstar Airways and the Australian Taxation Office (ATO) relied on the technology to win Gold Stevie Awards for Innovative Use of Technology in Customer Service at the third annual Asia-Pacific Stevie Awards.

The two award wins, coupled with another seven Stevie Awards linked to Nuance technology in North America, have taken recognition of the systems to new levels.

Jetstar and the ATO were specifically acknowledged for their innovative use of Nuance’s intelligent self-service solutions, demonstrating the demand for advanced self-service technology to maintain a competitive edge in the evolving digital world.

The ATO’s citation explained how the tax office had to overcome distinctive challenges with customer engagement and to strengthen the relationship with Australian taxpayers. The ATO started this by implementing Nuance’s voice biometrics technology across contact centres and mobile app. 

By providing secure, fast and simple tools to verify a customer’s identity, the ATO was able to greatly improve the experience for its customers, according to the citation.

In fact, the ATO became the first organisation to offer voice biometrics authentication to customers across multiple channels by implementing Nuance’s voice biometrics across the desktop and mobile channels.

Jetstar collaborated with Nuance to develop ‘Ask Jess’ – an intelligent virtual assistant who answers customer’s questions through conversational, human-like dialogue. Together with Nuance, Jetstar identified the top questions being asked by customers about the airline’s products, policies and services.

Nuance implemented answers to these common questions into the virtual assistant designed specifically for Jetstar. Ask Jess uses advanced Natural Language Understanding (NLU) technology to deliver a natural, conversational experience. Ask Jess now regularly engages in more than 220,000 conversations per month – not only understanding customer’s words but also their intent, and offering an innovative option for customers to receive personalised responses.

Both Jetstar and the ATO were commended by judges on the impressive use of advanced technology that simplifies the way customers interact with the companies they do business with.

“It’s extremely rewarding to see the benefits of Nuance’s intelligent solutions receive such prestigious recognition,” Nuance Asia senior vice president and general manager for Asia Pacific, Jason Stirling said. “Even more so, it is great to see our customers recognised for their efforts in redefining the customer service experience.”

The awards were be presented to winners at the Westin Hotel in Sydney on May 27.





Contact Us


PO Box 2144