Europe seems poised to finalize the terms of the EU General Data Protection Regulation by the end of the year. The EU GDPR is set to drastically chance data protection law, including an increase in penalties for a breach up to 2% of a corporation’s annual global turnover. While these new laws will have a large impact on European businesses and IT professionals, the GDPR will also have an impact on US IT departments.
The FTC recently released a business guide that summarizes compliance lessons learned from the more than 50 data security settlements to-date. Start with Security: A Guide for Business offers actionable data security tips based on real-life security incidents and subsequent law enforcement actions. Whether organizations are reading this brochure or are reading about a breach in the news, there are always “compliance nuggets,” as the FTC notes, that can be learned from.
Today Absolute introduces a new brand identity that reflects our renewed commitment to data and device security and our position as an innovative market leader. Our InTelligence Community has also undergone a transformation, with a new logo and new look for the InTelligence Blog and InTelligence Forum. “The […]
2015 has been called the “Year of the Healthcare Data Breach,” and the year is only half over. The average cost of a data breach in healthcare is $5.9 million, higher than in any other industry. The 2015 HIMSS Cybersecurity Survey recently revealed that 68% of healthcare organizations experienced a significant security incident in the past year. Cybersecurity was identified as an increased priority in 87% of organizations, as cyber attacks become more common.
US Homeland Security Secretary Jeh Johnson recently spoke at a conference at the Center for Strategic and International Studies (CSIS) about the challenges of cybersecurity as they affect the federal civilian .gov world. In his speech, secretary Johnson stressed the importance of passing new cybersecurity legislation to improve data sharing when breaches occur. Indeed, his speech would go one step further to incentivize organizations to report non-breach security incidents.
The US Office of Personnel Management (OPM) recently released details about two cybersecurity incidents that impacted the data of Federal employees, contractors and others. In April 2015, it was discovered that the security incident led to the breach of 4.2 million current and former employees. While investigating this incident, it was discovered the breach was larger than originally thought.
According to research conducted by Arlington Research on behalf of Acronis, as many as 40% of UK organizations have no security policies in place to prevent employees from accessing or sharing sensitive data, which is a problem given the 60% who also report using personal devices at work.
The Information Commissioner’s Office (ICO) recently released its Annual Report 2014/15 which reflects the organization’s activities for the year, including those related to data privacy. In 2014/15 the ICO received 14,268 data protection concerns with 46% of concerns relating to the disclosure of data. This number has no direct correlation to the actual number of people affected by data breaches within the year, but the report nonetheless gives insight into areas of public concern.