IT Governance Blog on IT governance, risk management, compliance and information security. » Data Security

Latest DPA breach highlights the need for physical and cyber data protection

kwright — Tue, 07 Feb 2012 11:07:26 +0000

The Information Commissioner’s Office (ICO) announced on Friday that E*Trade, a global financial services company, breached the Data Protection (DPA) Act by losing over 600 customer personals details. The company discovered files of 608 customers had been lost when asked to retrieve them from a storage facility in which E*Trade were keeping them. Head of [...]

Latest DPA breach highlights the need for physical and cyber data protection is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Midlothian Council Fined £140,000 for 5 DPA Breaches

kwright — Tue, 31 Jan 2012 10:04:08 +0000

Yesterday the Information Commissioner announced that he had fined Midlothian Council £140,000 for disclosing sensitive personal information to the wrong recipient on 5 separate occasions. All 5 breaches involved children’s social service reports and occurred between January and June 2011.

Midlothian Council Fined £140,000 for 5 DPA Breaches is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

29.2% of data breaches could be avoided just by insisting on encrypted USB sticks.

James Warren — Tue, 31 Jan 2012 09:04:31 +0000

For management, SafeConsole enforces full, granular control, policy enforcement and auditing over an organisation's SafeXs devices, and enables a host of productivity and management features.

29.2% of data breaches could be avoided just by insisting on encrypted USB sticks. is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

O2 suffers data leak – but do they care?

kwright — Thu, 26 Jan 2012 11:07:46 +0000

Mobile giant 02 have suffered a couple of embarrassing gaffs this week. Firstly it was revealed that they had been inadvertently been passing their customers phone numbers on to any site that they visited when using O2’s 3G network on smartphones. With almost half of O2’s customers using smartphones, the data leakage could possibly have affected up to 15 million people.

O2 suffers data leak – but do they care? is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Charity loses memory stick containing unencrypted patient data

Melanie Watson — Mon, 23 Jan 2012 11:09:47 +0000

Since losing the memory stick and coming under the wrath of the ICO for suffering a data breach, Praxis Care is now committed to improving its data protection standard.

Charity loses memory stick containing unencrypted patient data is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Hackers; where is the justice?

Melanie Watson — Tue, 17 Jan 2012 09:20:09 +0000

After a data breach occurs, how much investigation goes into finding the hacker that committed the crime? Little? Or none? It is easier to blame the company where the attack occurred, issue a fine, and pronounce them incompetent of looking after your data. But is this really the case?

Hackers; where is the justice? is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Bring Data Protection to Life

Melanie Watson — Mon, 16 Jan 2012 16:49:07 +0000

With engaging tutors and interesting content, our DPA Foundation Course will bring data protection to life.

Bring Data Protection to Life is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

A Manager’s Guide to Data Security – Useful, Practical & Pragmatic

Melanie Watson — Thu, 12 Jan 2012 15:10:39 +0000

Read THE practical manual on data and information security:

A Manager’s Guide to Data Security – Useful, Practical & Pragmatic is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Will the ICO issue £1.8M in fines for ‘avoidable’ data breaches in 2012?

James Warren — Wed, 11 Jan 2012 15:20:15 +0000

The Information Commissioner's Office (ICO) website shows that £541,000 in fines were issued during 2011 between 7 organisations, making the average fine £77,285! This is not counting the fines issued by courts following a prosecution. This is an increase of 238% over 2010, when the power to issue monetary penalty notices were first introduced to the ICO.

Will the ICO issue £1.8M in fines for ‘avoidable’ data breaches in 2012? is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

What will protect you from IT Security threats?

Melanie Watson — Wed, 04 Jan 2012 12:59:23 +0000

IT security is an issue that all organisations must address. Consider these facts

What will protect you from IT Security threats? is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

10 biggest cyber threats of 2011

Melanie Watson — Wed, 04 Jan 2012 10:27:48 +0000

2011 saw a vast growth in the number of malware attacks on businesses and individuals. Hackers are now at a point where they can "wreak havok and access the best-kept secrets of organisations without ever leaving their living-rooms". From phishing scams, to the Sony hack, 2011 has seen the worst of all cyber attacks. Millions of people's data has been compromised around the world: hackers have made millions, whilst companies have lost millions. So, will 2012 see a repeat of last year? Or will we clamp down on cyber crime once and for all?

10 biggest cyber threats of 2011 is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

ENISA Report on Maritime Cyber Security shows little has changed in 8 years

Melanie Watson — Fri, 23 Dec 2011 09:22:20 +0000

ENISA has just released their first EU report on the cyber security challenges that the Maritime Sector face. The report highlights that maritime cyber security is low, to virtually non-existent, showing little difference between now and 8 years ago.

ENISA Report on Maritime Cyber Security shows little has changed in 8 years is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Spread holiday cheer, not your company’s confidential data!

Melanie Watson — Fri, 23 Dec 2011 08:59:19 +0000

We know it's the season of good will, for giving and spreading Christmas wishes, but the worst thing you could do is to spread your company's confidential data across the web.

Spread holiday cheer, not your company’s confidential data! is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

The public sector needs to put its house in order as the ICO requests powers of compulsory audit

kwright — Wed, 21 Dec 2011 10:21:05 +0000

The Information Commissioner’s Office has formally requested greater powers to conduct compulsory audits of local government and public sector organisations.

The public sector needs to put its house in order as the ICO requests powers of compulsory audit is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

This is how cyber criminals are going to attack you in 2012…

kwright — Fri, 16 Dec 2011 16:39:49 +0000

Published this week, Cisco’s annual 2011 security report highlights how cyber criminals are moving away from mass spam campaigns and using far more sophisticated, targeted means of attacking its targets.

This is how cyber criminals are going to attack you in 2012… is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Before you set-out for the festive madness, you need to read this …

James Warren — Fri, 16 Dec 2011 10:54:40 +0000

Whether you love it or hate it, there's no getting away from it. Christmas is just a week away! While most people are heading to the shops in a last minute rush, you should treat yourself to a well deserved break and kick back with a useful eBook this weekend.

Before you set-out for the festive madness, you need to read this … is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Ensure you are DPA compliant for 2012 with this special offer toolkit

kwright — Wed, 14 Dec 2011 10:33:56 +0000

Data protection is a critical issue for all businesses in both the public and private sector. You need to ensure the protection and correct management of sensitive data and customers details in both the physical world and cyber space.

Ensure you are DPA compliant for 2012 with this special offer toolkit is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Leaked EU Directive: Upping Data Protection Game

Melanie Watson — Fri, 09 Dec 2011 13:05:32 +0000

There has been reports that the new EU Data Protection Directive (meant to be released Jan 2012) has been leaked. And guess what? There are at least two new changes that will shake up the EU (as if it hasn't been shaken up enough already).

Leaked EU Directive: Upping Data Protection Game is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Simplify IT Security Implementation

Melanie Watson — Wed, 07 Dec 2011 16:16:17 +0000

IT risk and business resilience are the most important security issues facing organisations today.

Simplify IT Security Implementation is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Data breaches in U.S hospitals jump by 1/3

Melanie Watson — Tue, 06 Dec 2011 14:16:45 +0000

The number of data breaches in health organizations in the U.S has increased by 32% in 2011, costing the industry an estimated $6.5 billion.

Data breaches in U.S hospitals jump by 1/3 is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.