Data Breaches News, Articles and Updates

Why global cyber-attacks just might be the wakeup call we all needed

More data and hack case studies should allow professionals to take a step back and place attacks into a broader context, harnessing the power of AI to learn from these breaches.

GDPR and cyber-security: An opportunity that cannot be ignored

Data controllers and processors are required to carefully think about the ways to effectively secure personal data and take all necessary steps in this respect to prevent possible infringements of the Regulation.

Safer Internet Day: Data privacy is a necessity, not a luxury

Having good privacy processes go well beyond GDPR compliance. Organisations which have better privacy maturity experience fewer and less costly breaches of their data, compared with 74 percent of privacy-immature organisations.

NoSQL, no problem: securing non-relational databases

Choosing the right NoSQL provider is paramount. Built in security, rather than tacked on as an afterthought, can help take the onus off the developer and may make the difference between being breached or not.

There's a lot we can learn from 2017's 'big four' breaches

The four main breaches of 2017 had various things in common. No matter how sophisticated the attack, they could all have been avoided. Whether due to a lack of interest, focus, urgency or all three, bad decisions were the key culprit.

Data breach! On winning the reputation game - a question of leadership

Ultimately, responsible handling of data is not about avoiding fines: it is about safeguarding reputation. You can put a price tag on non-compliance with the GDPR, but what price loss of shareholder and customer confidence?

Coding protection directly into your data

Data breaches often stem from poorly-managed records. By encoding critical information about the records into the files themselves, companies can create a platform for security, efficiency and cost management.

Further thoughts on the year ahead with data destruction a bigger threat

After a year of high-profile cyber-security issues, rounded off by a PayPal data breach that exposed the PII of 1.6 million customers, data security looks set to be at the top of business agendas throughout 2018.

The Paradise Papers - a breach perspective

Leaking of the Paradise Papers raises several questions, as it should for all organisations, including Appleby itself, about how you manage, control and report on access to your sensitive data.

The myths and the maths of GDPR

Not everything you thought you knew about GDPR is correct, and a corporate governance approach to GDPR is better than a cyber-security approach says David Froud.

Chief data officers crucial to future-proof businesses & win public trust

Dr Jamie Graves at ZoneFox explains why Chief Data Officers are crucial for future-proofing businesses and winning back the public's trust.

Interview. Amazon Web Services CISO: accelerating business while ensuring security

Late last year SC Media UK finally met someone confident that their organisation is GDPR compliant, ready for the new regulations coming into force in May: Stephen Schmidt, CISO, Amazon Web Services (AWS).

Prioritising patient care in the age of cyber-crime

In less than six months, the GDPR will transform how organisation are able to use, store and share consumer data. This impacts every industry, but the already heavily-regulated healthcare sector will be hit particularly hard.

UK public won't trust a breached company yet fail to protect their own data

70 percent of people say that they would stop doing business with companies following a data breach, but they are about to be engulfed in data breach reality with GDPR breach reporting as under-reporting of breaches is huge.

News feature: Simulated attack, lessons learned on all sides

Learning by doing. If you don't have - and practice - a breach recovery plan, then a simulation exercise can demonstrate why you should have one, identify your weak spots, and encourage you to take action to plug the holes.

The problem with your inherited legacy systems

Most breaches we become aware of are caused by failure to update software components that are known to be vulnerable for months or even years.

Study: Organisations suffer critical & costly IT incidents 5 times a month

Organisations experience a critical IT incident five times per month, with each costing £108,000, according to a new report based on a study conducted by research firm Quocirca on behalf of big-data company Splunk.

Full Disk Encryption (FDE) - getting off on the right foot protecting data

Deploying BitLocker is only a start to effective full disk encryption explains Mark Hickman adding that on-demand encryption/decryption must be made easy, even transparent for employees, or they to look for hacks.

The minimum you need to do before GDPR goes live: 4 stages to compliance

GDPR: It's important to put data intelligence tools in place that will allow you not only to conduct an audit of the data you have collected in the past but also address compliance in the future says Rob Perry.

Data security lessons from the Swedish Transport Agency breach

Ben Rafferty says one positive thing that can be taken from the Swedish Transport Agency outsourcing blunder is that your company can use this disaster to start a conversation about your own data handling and protection strategies.

How the next cyber breach could cost you 4% of revenues: Defensive options

Itay Glick runs through some of the protections and their effectiveness against becoming not just the victim of a data breach, but also an early casualty of swinging GDPR fines.

Researchers find 7 percent of all Amazon S3 servers exposed

A recent study by SkyHigh Networks found seven percent of all Amazon S3 servers are exposed which may explain a recent surge of data leaks in the last few months including the information on 198 million American voters.

Managing data security in a multi-cloud environment: control & compliance

As organisations continue to embrace the benefits offered by diverse multi-cloud environments, it's essential that they're aware of how best to achieve both compliance and control says Peter Galvin.

Coming, ready or not: The cost of GDPR non-compliance

Implementation of GDPR could potentially spell the end of almost one in five European businesses says Petter Nordwall, particularly if regulators come out swinging and impose maximum fines for data breaches.

Trapping to hunting: intelligent analysis of anomalies to detect compromises

One of the goals of Breach Detection Systems is to provide the most effective automated detection with minimal false positives, because excessive false positives cause "fatigue" in the incident responder explains Dr. Giovanni Vigna

100% of breached PCI certified companies failed PCI compliance audit

PCI DSS compliance doesn't guarantee security, but half of PCI certified companies aren't compliant which does indicate vulnerability to cyber-attack. "It's not a project, it's a programme - something you need to maintain."

HBO breach accomplished with hard work by hacker, poor security practices by victim

Cyber-security executives are speculating the HBO hack by "Mr. Smith" was the result of the intruder putting in a tremendous amount of effort to infiltrate the entertainment giant.

Steganography attacks - using code hidden in images - increasing

Attacks using code hidden in pictures are difficult to detect and increasing in frequency but protective measures will get better say researchers.

UniCredit Bank's third party leads to hack on 400,000 clients

An attack on Italian bank, UniCredit, has led to the accounts of 400,000 loan customers being accessed.

ICYMI: Home IoT; £40 bn attack bill; Bupa leak; malware duo; Dow Jones

In Case You Missed It: IoT home vulnerability; Cyber attacks cost £40 bn; Bupa insider data leak; dual malware vectors; Dow Jones data at risk