Dave Jevans, chairman of IronKey and the Anti Phishing Working Group, looks at why locking down internal systems is not enough to combat sophisticated cyber criminals.

Although the threat from cyber criminals has existed for decades, the sheer volume of successful attacks on high profile brands during the last six months has highlighted an urgent need to protect against data breaches.
Having read a recent Gartner blog which stated that many of the IT security improvements they’ve seen over the past five years are fast becoming obsolete in the face of more sophisticated cyber attacks, turning the tables on the bad guys won’t be easy.
All data breaches have two things in common: the need for prompt resolution and the need for a robust preparedness plan. Healthcare institutions especially should heed the call for an incident response plan because it provides the best preventive medicine to minimize financial and reputational risks. So PLAN, keeping in mind: People, the Law, and Action, with No time to waste.
People – Define the responsibilities of a coordinated incident response team. Don’t act alone. A good response team should include key internal players (In-house Counsel, IT, Compliance/Security, HR and Public Relations), as well as outside experts who confront data breaches on a regular basis (trusted Attorneys, Forensic Analysts and Fraud Monitors). These external experts can help restore key business functions, preserve crucial forensic evidence, strengthen data security, address victims’ needs, and communicate effectively with regulators and the public.
Brussels – The views of telecoms operators, Internet service providers, Member States, national data protection authorities, consumer organisations and other interested parties are being sought by the European Commission on whether additional practical rules are needed to make sure that personal data breaches are notified in a consistent way across the EU. The revised ePrivacy Directive (2009/136/EC), which entered into force on 25 May 2011 as part of a package of new EU telecoms rules, requires operators and Internet service providers to inform, without undue delay, national authorities and their customers about breaches of personal data that they hold (see IP/11/622 and MEMO/11/320). The Commission wants to gather input based on existing practice and initial experience with the new telecoms rules and may then propose additional practical rules to make clear when breaches should be reported, the procedures for doing so, and the formats that should be used. Contributions to the consultation are welcome until 9th September 2011.
Categories: Breach Risk, Data Breach Legislation, Digital Preservation, Electronic Records, European Commission, Internet, Legal, personal data online, Records Management, Records Storage
Tags: European Commission, Neelie Kroes, personal data breaches
European Parliament members are up in arms after a recent admission by Microsoft that they may be required by the Patriot Act to secretly give U.S. authorities access to European data stored in Microsoft’s cloud. The controversy stems from the EU’s Data Protection Directive, which dictates that companies must notify users if/when their data is handed over to another party. If Microsoft is forced to follow Patriot Act guidelines, then that would mean the U.S. law would trump European law. Some parliamentarians have taken up the cause to prevent that from happening.
Categories: Cloud Storage, Data Breach Legislation, Electronic Records, European Commission, Internet, Legal, personal data online, Records Management, Records Storage, Twitter
Tags: Microsoft, Safe Harbor act
Ninety percent of organizations have sustained at least one data breach in the past year, according to a survey released Wednesday by the Ponemon Institute and Juniper Networks.
Even worse, the survey of 583 U.S. IT and IT security practitioners found that a majority of organizations have experienced multiple successful attacks against their networks.
The latest Ponemon Institute study called the chances of an organization being hacked in a 12-month period a “statistical certainty.”
Cyber-attacks are becoming more frequent and severe, with the vast majority of businesses suffering at least one data breach in the past year, according to a new Ponemon Institute survey.
Sen. Leahy and Rep. Bono Mack are pushing separate bills that would punish slow disclosure of data breaches. Versions of both bills failed earlier.
By John Adams
Public fallout from the data breaches that have affected Citigroup and other large enterprises in and out of finance in recent weeks has reached the political pushback stage, with both Sen. Patrick Leahy (D-Vt.) and Rep. Mary Bono Mack (R-Calif.) hoping the events will breathe new life into data protection legislation that’s failed in the past.
Posted by Cath Everett
What can businesses expect from the European Commission’s much tougher data breach rules?
It has been announced that the European Union is planning to make it mandatory for all businesses in the region to notify customers should the security of their personal information be breached.
As part of plans to update EU data protection legislation that was first introduced in 1995, European Union justice commissioner Viviane Reding said that she was also considering whether to include an “accountability principle” to protect the privacy of cloud computing users as well as a “right to be forgotten”. Reding told the British Bankers’ Association’s Data Protection and Privacy Conference in London on Monday that the aim in streamlining existing data breach rules across different member states was to simplify the current regulatory environment and reduce the admin burden on companies.