Posts Tagged Data breach
Survey reveals companies are taking risks whilst outsourcing consumer data
Posted by brianfpennington in brian pennington on 28/02/2013
Experian Data Breach Resolution and the Ponemon Institute survey results identify opportunity for improved data oversight. The study, “Securing Outsourced Consumer Data”, reveals that many organizations (46%) do not evaluate the security and privacy practices of vendors before sharing sensitive or confidential information. The survey of almost 750 individuals in organizations that transfer consumer data to third-party vendors. […]
What happens after a data breach?
Posted by brianfpennington in brian pennington on 27/02/2013
A report by Solera Networks and Ponemon reveals a rise in security breaches, with organisations taking months to detect and contain them. The Ponemon report “The Post Breach Boom”, commissioned by Solera Networks, polled 3,529 IT and IT security professionals in eight countries to understand the steps they are taking in the aftermath of malicious and […]
More Than 12 Million Identity Fraud Victims in 2012, study finds
Posted by brianfpennington in brian pennington on 21/02/2013
Javelin Strategy & Research have released their 2013 Identity Fraud Report with some startling results, the scariest being “one in four consumers who receive a data breach letter will become the victim of identity fraud.” This means the days when a breached organisation would try to keep a breach quiet with the hope that it would […]
Nursing and Midwifery Council fined for breaching the Data Protection Act
Posted by brianfpennington in brian pennington on 16/02/2013
The Information Commissioner’s Office has issued a £150,000 fine to the Nursing and Midwifery Council for breaching the Data Protection Act. The Nursing and Midwifery Council lost three DVDs related to a nurse’s misconduct hearing, which contained confidential personal information and evidence from two vulnerable children. In October 2011 the DVDs, containing confidential information, […]
Securing Patient data has improved massively but still has work to do
Posted by brianfpennington in brian pennington on 08/02/2013
In its recent Winter 2013 Newsletter Experian released the details of the fifth annual Healthcare Information and Management Systems Society (HIMSS) which they sponsored. The survey found many areas of improvement and highlighted them in the infographic below: Key highlights from the HIMSS study include: Only 38% of the respondents encrypt mobile devices, such as smartphones […]
2013 looks like being a bigger year than 2012 as the ICO starts catching up with the backlog of breaches
Posted by brianfpennington in Uncategorized on 25/01/2013
2013 has started as 2012 finished off with UK Information Commissioner (ICO) coming down hard on those who breach the Data Protection Act. So far this January 3 organisations have fallen foul of the ICO: Sony Computer Entertainment Europe Limited Mansfield District Council Prospect Trade Union Sony Computer Entertainment Europe Limited Sony Computer Entertainment Europe Limited […]
The average cost of a data breach is $8.9m in the US and £2.1m in the UK
Posted by brianfpennington in brian pennington on 07/11/2012
The results of the Ponemon 2012 Cost of Cyber Crime Study for the United States, United Kingdom, Germany, Australia and Japan. For the purposes of this post I have summarised the United States and the United Kingdom. The study, sponsored by HP Enterprise Security, focused on organizations located in the United States and the United Kingdom; many are multinational corporations. […]
Almost 50% of organizations report 10 or more significant data breaches a year
Posted by brianfpennington in brian pennington on 11/09/2012
Ponemon have revealed the results of a Co3 Systems sponsored survey into Data Loss Management. Ponemon Institute polled more than 100 influencers in the privacy and data protection community across the US. Key findings of the survey were:- almost 50% of organizations experience ten or more data loss incidents annually that meet the legal criteria that […]
Who has breached the Data Protection Act in 2012? Find the complete list here.
Posted by brianfpennington in brian pennington on 16/08/2012
So far 2012 has been a busy year for the Information Commissioner’s Office (ICO) and with almost three quarters of the year gone I thought I would look at who has fallen foul of the Data Protection Act. There are normally three types of punishments administered by the ICO Monetary. The most serious of the […]
Consumers express their opinions of Data Breach Notifications
Posted by brianfpennington in brian pennington on 08/06/2012
Ponemon Institute have released an Experian® Data Breach Resolution sponsored survey into what consumers think about Data Breach Notifications, titled 2012 Consumer Study on Data Breach Notifications. I have made a summary of the survey below. Consumers in the Ponemon and Experian joint study believe data breach notification is important under certain conditions 85% believe notification […]
Latest NHS Fine for breaching the Data Protection Act is close to the “current” limit at £325,000
Posted by brianfpennington in brian pennington on 01/06/2012
After a series of breaches where the NHS organisation involved received nothing more than a slap on the wrist, the Information Commissioner is finally ratcheting up the pressure on public sector organisations, especially the NHS, for breaching the Data Protection Act. In the latest breach Brighton and Sussex University Hospitals NHS Trust has been fined […]
Aftermath of a Data Breach
Posted by brianfpennington in brian pennington on 29/01/2012
Ponemon Institute, sponsored by Experian®, has released the findings of their Aftermath of a Data Breach study. The study was conducted to learn what organizations did to recover from the financial and reputational damage of a data breach involving customer and consumer records. Consumer and customer information collected by organizations is at great risk due to […]
Data Protection & Breach Readiness Guide
Posted by brianfpennington in brian pennington on 25/01/2012
The Online Trust Alliance (OTA) has released its 2012 Data Protection & Breach Readiness Guide, a comprehensive guide outlining key questions and recommendations to help businesses in breach prevention and incident management. This post is a summary of their results and guidance. Craig Spiezle, Executive Director and President of the Online Trust Alliance said “Last year, […]
Information Commissioner gets tough with the largest fine for the breach of the Data Protection Act
Posted by brianfpennington in brian pennington on 06/12/2011
The Information Commissioner’s Office (ICO) has served a penalty of £130,000 on Powys County Council for breaching the Data Protection Act. Powys County Council sent the details of a child protection case to the wrong recipient. The £130,000 penalty is the highest that the ICO has served since it was given the power in April 2010 and follows […]
Reputation damage could cost more than PCI Compliance or Data Protection Act fines
Posted by brianfpennington in brian pennington on 11/11/2011
A Ponemon Institute and Experian survey of almost 850 executives reveals that on average it can take up to a year for an organisation to restore its reputation. Reputations have always been difficult to value as they change with market demands, styles and presentation. This research is interesting as it does place […]
The huge and unexpected administrative costs of a data breach
Posted by brianfpennington in brian pennington on 07/10/2011
Reading about another large data breach had me thinking about the non-technical side of a data breach. In these current times it is impossible to avoid the stories of data breaches because the press and blogs spin into gear almost immediately. Coming from the IT Security industry, I always think about the “normal” costs:- The cost of […]
Hospital destroys 10,000 archived records – Information Commissioner not impressed
Posted by brianfpennington in brian pennington on 04/10/2011
Dartford and Gravesham NHS Trust breached the Data Protection Act by accidentally destroying 10,000 archived records, the Information Commissioner’s Office (ICO) said today. The records – which should have been kept in a dedicated storage area – were put in a disposal room due to lack of space. The records were then mistakenly removed from […]
ICO takes action against the Child Exploitation and Online Protection Centre and the Serious Organised Crime Agency
Posted by brianfpennington in brian pennington on 16/09/2011
The Information Commissioner’s Office (ICO) has taken action against The Child Exploitation and Online Protection Centre (CEOP) and the Serious Organised Crime Agency (SOCA) – its parent organisation – after the discovery of a security flaw on CEOP’s website, the Information Commissioner’s Office (ICO) said today. On 6 April, the ICO received a complaint […]
90 Percent of Businesses Fell Victim to a Cyber Security Breach
Posted by brianfpennington in Uncategorized on 30/06/2011
The Ponemon Institute has released the results of a study conducted to determine what IT and IT security practitioners in the US, UK, France and Germany think about how well their organizations are responding to threats against network security. Sponsored by Juniper Networks, they believe the research is important because “it can provide insights from those who […]
Identity Theft Resource Center found that hacking accounted for the largest number of breaches in 2011 year-to-date
Posted by brianfpennington in brian pennington on 27/04/2011
The Identity Theft Resource Center® has found that hacking accounted for the largest number of breaches in 2011 year-to-date. Almost 37% of breaches between January 1st and April 5th were due to malicious attacks on computer systems. This is more than double the amount of targeted attacks reflected in the 2010 ITRC Breach List (17.1%). ITRC point […]