Data Breaches News, Articles and Updates

Elizabeth Denham - A Profile of the Information Commissioner

GDPR enforcement comes into effect today and the person responsible for overseeing and enforcing its implementation in the UK is Information Commissioner Elizabeth Denham - so its time to learn more about her.

If your vendor is breached, you are too

Half of companies surveyed suffered a third-party data breach - Why? One possible answer is that the relative costs of breaches - especially the very high-profile ones - aren't painful enough long-term to prompt a major security overhaul.

Making GDPR work for you - as well as all who do business with you

In the first instance, organisations need to discover which repositories, assets and applications are holding data. The second step is to classify and understand all data in the context of all related business processes.

Private vs. public cloud and the compliance conundrum

Businesses may feel more comfortable with their data stored within their own walls, but private clouds will generally be slower to patch security gaps, leaving them exposed to potential data breaches and compliance holes.

GDPR is just around the corner: what can organisations expect?

Mobile devices are more vulnerable to data leaks, given that they can be lost or stolen and can often result in lost or deleted data; the legal ramifications for this are the same as with any other device under the GDPR

The GDPR conversation needs to be reframed

The first and most vital thing for SMEs is to reframe the way in which they view GDPR. In many ways, the regulations will help companies better their structure, security and awareness of data, which can only be a good thing.

Companies reversing hashed emails for as little as 2.84p per email

Hashed email addresses do not provide any significant protection for consumers as many firms are now offering services that can reverse email hashing to correctly guess consumers' email addresses, security experts warn.

Top tips to 'spring clean' your data processes and get ready for GDPR

It is vital to keep track of your data by continuously looking out for your data appearing "outside the perimeter," and quickly addressing any leaks - much like having CCTV or a security guard protecting your office and car park.

Vanderbilt University researcher's claim breaches linked to patient deaths

A Vanderbilt University researcher is claiming more than 2,100 patient deaths are linked to hospital data breaches each year.

Judge rules US breach victims can sue Yahoo

A US federal judge in California Friday ruled Yahoo must face many of the claims brought against it in a lawsuit concerning the massive data breaches affecting three billion users that the company announced in 2016.

The privacy wars - individuals ask, where is our data and who has access?

We are seeing a shift in people's perception of how their personal data is collected, stored and used. Large-scale data breaches have raised the level of awareness in the general public, and shone a light on the role of data aggregators.

The data protection goalposts have shifted: has your security strategy moved with them?

It quickly becomes obvious that traditional methods of data security on their own aren't sufficient to provide complete data visibility, but an effective defence strategy must adequately cover all zones in which data can be accessed.

The tumultuous relationship between data and security

Companies struggle to understand, let alone quantify, their data risk and exposure. A new approach unites data operators managing and securing data with data consumers who need data to do their job.

US tax collector breach victims double original estimate

As typical with most breaches initially underestimating the overall impact of a cyber-security "incident," the hack of the Massachusetts Department of Revenue in the US was more than twice as large than originally anticipated.

Why global cyber-attacks just might be the wakeup call we all needed

More data and hack case studies should allow professionals to take a step back and place attacks into a broader context, harnessing the power of AI to learn from these breaches.

GDPR and cyber-security: An opportunity that cannot be ignored

Data controllers and processors are required to carefully think about the ways to effectively secure personal data and take all necessary steps in this respect to prevent possible infringements of the Regulation.

Safer Internet Day: Data privacy is a necessity, not a luxury

Having good privacy processes go well beyond GDPR compliance. Organisations which have better privacy maturity experience fewer and less costly breaches of their data, compared with 74 percent of privacy-immature organisations.

NoSQL, no problem: securing non-relational databases

Choosing the right NoSQL provider is paramount. Built in security, rather than tacked on as an afterthought, can help take the onus off the developer and may make the difference between being breached or not.

There's a lot we can learn from 2017's 'big four' breaches

The four main breaches of 2017 had various things in common. No matter how sophisticated the attack, they could all have been avoided. Whether due to a lack of interest, focus, urgency or all three, bad decisions were the key culprit.

Data breach! On winning the reputation game - a question of leadership

Ultimately, responsible handling of data is not about avoiding fines: it is about safeguarding reputation. You can put a price tag on non-compliance with the GDPR, but what price loss of shareholder and customer confidence?

Coding protection directly into your data

Data breaches often stem from poorly-managed records. By encoding critical information about the records into the files themselves, companies can create a platform for security, efficiency and cost management.

Further thoughts on the year ahead with data destruction a bigger threat

After a year of high-profile cyber-security issues, rounded off by a PayPal data breach that exposed the PII of 1.6 million customers, data security looks set to be at the top of business agendas throughout 2018.

The Paradise Papers - a breach perspective

Leaking of the Paradise Papers raises several questions, as it should for all organisations, including Appleby itself, about how you manage, control and report on access to your sensitive data.

The myths and the maths of GDPR

Not everything you thought you knew about GDPR is correct, and a corporate governance approach to GDPR is better than a cyber-security approach says David Froud.

Chief data officers crucial to future-proof businesses & win public trust

Dr Jamie Graves at ZoneFox explains why Chief Data Officers are crucial for future-proofing businesses and winning back the public's trust.

Interview. Amazon Web Services CISO: accelerating business while ensuring security

Late last year SC Media UK finally met someone confident that their organisation is GDPR compliant, ready for the new regulations coming into force in May: Stephen Schmidt, CISO, Amazon Web Services (AWS).

Prioritising patient care in the age of cyber-crime

In less than six months, the GDPR will transform how organisation are able to use, store and share consumer data. This impacts every industry, but the already heavily-regulated healthcare sector will be hit particularly hard.

UK public won't trust a breached company yet fail to protect their own data

70 percent of people say that they would stop doing business with companies following a data breach, but they are about to be engulfed in data breach reality with GDPR breach reporting as under-reporting of breaches is huge.

News feature: Simulated attack, lessons learned on all sides

Learning by doing. If you don't have - and practice - a breach recovery plan, then a simulation exercise can demonstrate why you should have one, identify your weak spots, and encourage you to take action to plug the holes.

The problem with your inherited legacy systems

Most breaches we become aware of are caused by failure to update software components that are known to be vulnerable for months or even years.