Search Results for: gdpr

UK companies were hit with fines totaling over £3.2m last year after falling foul of data protection laws, a new report reveals.

Analysis of figures from the ICO by PwC found that the 35 fines handed out in 2016 were almost double of  the previous year, despite repeated warning that the new GDPR regulations are just a year away.

Continue reading →

With a recent, but less publicized executive order from President Trump, there are things happening on both sides of the Atlantic with regard to personal data, and it looks like the US and the EU have very different ideas about which direction to take.

We all leave a digital trail these days, just going about our daily business. Much of it we don't think about, and we often consciously choose to trade this personal data ourselves, in exchange for free services. Think about it, your Internet searches, social media, the websites you visit and your location while you're doing it, even exercise activity and your home heating usage via a smart thermostat, all have data harvested and monetized by big business.

Continue reading →

Now might be a good time to consider that job as a chief information security officer you always wanted, because salaries are skyrocketing.

Thanks to an ever-increasing number in breaches, and the damage these breaches are causing, businesses in Europe have begun offering much better salaries to their CISOs.

Continue reading →

According to a survey conducted by Lepide, a leading security auditing solutions provider, 60 percent of companies are still not able to determine who has access to their critical data. The survey was conducted during a variety of trade shows including Infosec Europe, RSA Singapore, and DataConnectors Pittsburgh, and involved 250 face-face interviews.

A common misconception amongst organizations is that all cyber threats originate from outside their organization, yet according to a report published by mcafee.com, 43 percent of data breaches were the result of malicious or incompetent insiders. This problem is emphasized by the continuous surge in healthcare related breaches. For example, according to a report published by Protenus, of the 31 health data breaches disclosed in January 2016 "59.2 percent of breached patient records were the result of insiders."

Continue reading →

Two thirds of consumers in the UK would "break up" with a brand if it suffers a data breach.

That's according to a new report by Talend which highlights the importance of businesses engaging with customers to ensure they provide high-quality data security.

Continue reading →

In some ways, the new research claiming that people are still the biggest threat to cyber security is hardly surprising; this has been the case for years now. What is surprising is that even with the GDPR only one year away, this hasn't moved on. It seems that organizations are aware of the problem, which of course is a good thing, but isn't it time we began to see research saying that people aren't a threat anymore because organizations have secured their systems against these types of threats and educated their workforces in the process. That kind of research would be much more heartening. Especially so when other research suggests that there's an IT skills shortage coming soon that could make it even more difficult for organizations to secure themselves against cyber threats.

The Institute of Information Security Professionals (IISP) is behind the new research claiming that people are still the biggest threat to cyber security. The research suggests that people are still not cautious enough about phishing scams such as links or attachments in emails or about visiting websites that might not be safe. The IISP also suggests that there is a lack of technical skill that causes problems and interestingly, it also claims that another problem is with organizations making poor critical decisions around strategy and budgets, suggesting that organizations are not focused on the right ways to prevent cyber attacks.

Continue reading →

Public cloud providers have ultimate control over our data, applications, and data flows on their platforms. This capability is the main cause of anxiety and a top reason for many companies to shy away from public cloud.

One of the possible solutions to the problem is to implement a "lock and key" mechanism for public clouds. This would allow re-balancing of data control. The question is whether cloud providers want that.

Continue reading →

Pretty much every organization in the financial sector, 96 percent of them, struggles to find documents in the workplace. This is according to a new report by M-Files, saying financial sector organizations need to be better at protecting their information.

M-Files was quick to throw words like "putting customer data at risk" or "GDPR" around, too.

Continue reading →

Endpoints are often the weakest links in any IT system, but protecting them effectively now means much more than simply guarding against malware.

As businesses rely more on the cloud and on web-based applications, the endpoint provides a gateway that can be vulnerable to attack.

Continue reading →

Correct handling of corporate data is important not just to guard against security threats and data breaches, but to avoid the risk of regulatory fines and lawsuits too.

But a new report from secure erasing specialist Blancco Technology Group shows the two weakest links in a company's data governance program are uncontrolled user access to data (53 percent) and managing where data is stored (43 percent).

Continue reading →

Excessive employee permissions are exposing organizations to insider threats, ransomware and other risks according to the findings of a new report.

Using its Data Security Platform, threat prevention specialist Varonis conducted over a thousand risk assessments for customers and potential customers on a subset of their file systems totaling over 236 million files and 3.79 petabytes of data.

Continue reading →

Customers are coming to expect a more personalized service, but that means exposing more of their information to businesses.

But a new survey from identity management company Gigya reveals that many still don’t trust brands with their personal information.

Continue reading →

Even for businesses in sectors like finance and healthcare where compliance and security is ingrained in the culture, protecting sensitive information is a major challenge.

For other sectors where it's incidental to the main business, compliance can be a major headache. With new payment card security requirements and other regulations like GDPR coming into force, businesses in sectors like hospitality need to up their game. We spoke to Geoff Milton, security strategist at data protection company ShieldQ to find out how the hospitality industry can overcome the headaches associated with compliance.

Continue reading →

Hardly a day goes by without some media coverage that is focused on cyber. Whether is it sensationalist headlines announcing the most recent cyber-attack that has left some unfortunate company red faced and bereft, the outcome of yet another survey generally conducted by an entity selling cyber related goods or services, or the announcement of new regulation and legislation. A front page headline of CITY AM screams CYBER CRIME WIPES £42BN OFF SHARES -- surely there cannot be a board director left who can deny awareness that cyber-crime poses a threat to his or her business.

Having engaged in the cyber debate for more than a decade, it seems we can at last all agree that the foundation stone is now well in place with widespread, if not universal, acceptance that cyber-crime and cyber risk are real and now an ever present challenge to businesses.

Continue reading →

New legislation being considered by the Trump administration suggests that UK citizens traveling to the United States would have to hand over personal information such as passwords to their social media accounts and access to the contacts in their mobile phone or risk being denied entry to the country.

This comes just weeks after another travel-based regulation that banned certain electronic devices from some countries in North Africa and the Middle East bound for either the US or UK. At the same time, the upcoming GDPR is putting huge pressure on organizations to secure their data. How do these new travel regulations impact organizations trying to secure their sensitive data?

Continue reading →