Home    Regulatory Compliance    Notifiable Data Breaches (NDB) Compliance

Overview

The Notifiable Data Breaches (NDB) legislation, introduced as an Amendment to the Australian Privacy Act (1988), establishes a data breach notification scheme to protect individuals’ personal information. The NDB scheme requires businesses to promptly notify the Office of the Australian Information Commissioner (OAIC) and affected individuals in the event of unauthorized access, disclosure, or loss of personal information that is likely to result in serious harm to individuals. The legislation aims to empower individuals affected by data breaches and ensure transparency in the handling of personal information. 

For more information, refer to the NBD Australia publication: https://www.oaic.gov.au/privacy/notifiable-data-breaches  

Netsurion Managed XDR for NDB Compliance 

Netsurion Managed XDR combines SIEM, log management, proactive threat hunting, and guided incident response to effectively meet the requirements outlined in NDB compliance. With comprehensive monitoring, analysis, and reporting capabilities organizations can identify and manage their assets, establish access controls, protect resources, and respond promptly to incidents. 

By leveraging Netsurion Managed XDR, organizations can enhance their data breach detection and response capabilities, ensure compliance with the NDB legislation, and protect personal information. This fosters customer trust, demonstrates commitment to privacy, and helps mitigate the potential harm caused by data breaches. 

Using Netsurion Managed XDR to meet NDB Requirements

Protect against unauthorized and unlawful access, loss or damage

Monitor the entire enterprise for activity and threat information across platforms, applications, networks, security controls and end points to protect the security of personal data and to alert on breach or misuse.

  • Netsurion Open XDR monitors and alerts on access to sensitive data sets, file shares and records. Monitor all print
    activity including Doc ID, printer, user, success or fail.
  • Netsurion Open XDR continually monitors availability and integrity of firewalls, anti-malware and IPS. Alert on change and failure.
  • Netsurion Open XDR audits and monitors all OS security groups and policy relevant to databases, apps and file share. Alert on additions to sensitive groups.
  • Netsurion Open XDR collects the logs from devices and application and Alert on email export of personal data to unknown recipients.

Ensure and demonstrate data protection

Implement extensive and fully auditable monitoring to allow detailed querying and filtering of data, with drill-down, to enable issues to be rapidly investigated, corroborated and understood.

  • Netsurion Open XDR alerts on activity of new users and those subject to “managed risk”. Visualization of personal data access. Netsurion Open XDR Monitoring establishes How, Where and When access occurs.
  • Netsurion Open XDR monitors application workflows, identifying backlogs and inappropriate processing.

Implement security to prevent unlawful access, disclosure or loss

Use security analytics to process data in real-time and identify activity or behavior indicating misuse or breach of personal data. Use dashboards to enable rapid demonstration of compliance.

  • Netsurion Open XDR monitors and alerts on Windows Plug and Play (PnP) events indicating connection of removable media & devices.
  • Netsurion Open XDR real-time dashboards how Confidentiality, Integrity and Availability status of all sensitive data assets.
  • Netsurion Open XDR correlates privilege user network authentication with critical business service change likely to lead to failure. Automatically analyzes, alerts, and remediates.
  • Netsurion Open XDR monitors corporate mobile devices and alert on attempted connection to data services when out of country.

Take steps to protect against insider data abuse

Monitor use of applications and access to data across the enterprise but also monitor users, privileges and behaviors to spot unauthorized use by insiders or compromised users.

  • Netsurion Open XDR monitors and alerts on Windows PnP events indicating connection of removable media & devices.
  • Netsurion Open XDR monitors the connection of USB device to the network, correlated with current user, terminal and data. Alert on non-compliance with policy.
  • Netsurion Open XDR monitors and correlates network terminals, devices and users to identify and alert on unusual access e.g. an account authenticates from external IP at non-business hour.
  • Netsurion Open XDR monitors database workflows to identify irregular patterns of activity indicating potential user negligence or mistake.