IT Governance Blog on IT governance, risk management, compliance and information security.

High profile news stories such as the recent Phishing attacks on Web Mail services such as Hotmail and GMail frequently brings the importance of online security to the attention of the general public, but for millions of unsuspecting home owners and smaller businesses it is often too late. Consider:

• There was a 207% increase in account takeover fraud in 2008.
• Online banking fraud has increased by 132%, with losses totalling £52.5m, compared to £22.6m in 2007.
• There were 44,000 phishing websites specifically targeting banks and building societies in the UK in 2008.
• £181.7m of card fraud took place on the Internet in 2008, representing 55.3% of total Card Not Present (CNP) fraud losses.
• Just under 50% of UK businesses experienced a computer security incident (around 860,000). The number having a serious breach has stayed constant at around 25% (around 430,000).
• 16% of businesses experienced an attack from an unauthorised outsider (including hacking attempts) (137,600 incidents).

There are Ten simple steps which will dramatically reduce the liklihood of a business or small home network from falling victim to hackers, phishing attacks, viruses and so on. To find out what these 10 simple steps are simply fill in the form on our website and we’ll email you the free guide immediately.

For the latest information and worldwide trends in corporate data breaches – those that affect personally identifiable information and contravene laws such as the UK Data Protection Act, HIPAA and so on – and identifies best practice for avoiding business, regulatory and brand damage – you should read our best practice report: Data breaches: Trends, costs and best practices.

Data breaches: Trends, costs and best practicesTimely and authoritative, this report is aimed at executives, information security managers, risk managers, auditors, compliance managers, stakeholders and data controllers worldwide. It assesses the reality in today’s data breach landscape, recognises the real, damaging trends that affect businesses, stakeholders and individuals and identifies current and emerging best practice in controlling the risks – and costs – arising from inadequate security in relation to personal data.

Critically, this report identifies the real failures at the heart of data insecurity – in the recent IT Governance survey, for example, sixty-eight percent of employees admitted to bypassing their employers’ information security controls in order to do their jobs.

This finding suggests that, even in some of the most sophisticated and security-conscious organisations, managers are failing to understand the correct balance between the requirements in respect of confidentiality and availability of information. By implementing the wrong policies and procedures, they are potentially putting their organisations at risk and may be undermining the legitimacy of information security in employees’ eyes.

This report, its findings and recommendations, help organisations around the world strike the correct balance between data availability and data security.

Order this essential best practice report today for immediate download!