Tag Archives for "cybersecurity"

Think about privacy the next time you ask Alexa the weather

More and more people are starting to think twice before asking Alexa for the daily forecast. According to a recent PwC survey, 38 percent of participants chose not to purchase a smart device because they “don’t want something listening in on [their lives] all the time.” Additionally, 28 percent of respondents are “concerned about privacy issues with [their] data/security.”

Full article: Think about privacy the next time you ask Alexa the weather

Businesses are spending on cybersecurity, but failing to implement basic practices

Cybersecurity spending has increased, but research shows that organisations are still vulnerable to the most basic of cyber threats.

Just 36% of UK IT leaders are confident that their company’s current IT systems provide adequate protection against cyberattacks.

Full article: Businesses are spending on cybersecurity, but failing to implement basic cybersecurity practices | Verdict

Cybersecurity certification schemes backed by MEPs

Businesses could in future be forced to ensure their products, services or processes meet specified cybersecurity standards under proposed new EU rules that have been formally approved by the European Parliament.

According to the proposed new rules, cybersecurity standards could be mandated for certain ICT products, services and processes before the end of 2023.

Source: Cybersecurity certification schemes backed by MEPs

European Parliament Approves EU Cybersecurity Act

Following a political agreement at the end of 2018, earlier this week the European Parliament approved a new cybersecurity regulation known as the EU “Cybersecurity Act”.

This forms part of the EU’s Cyber Package, first announced in September 2017 (which we blogged about here). In addition to reinforcing the mandate of ENISA — now to be known as the EU Agency for Cybersecurity — the new regulation establishes an EU cybersecurity certification framework.

Source: European Parliament Approves EU Cybersecurity Act

The cyber insurance battle begins

Cyber insurance is no longer a novelty. Experts say that executives no longer have to justify the expense. In fact, if they don’t have it, they may well have some explaining to do.

Insurance companies have reciprocated by nurturing the market. That has included playing nice when clients file claims. Carriers have paid with few complaints. There have been no big public altercations. Until now. A battle line has emerged.

Full article: Insurance War

GDPR – Improving Data Privacy and Cyber Resilience?

Even though GDPR has only been in effect for nine months, regulators across Europe have seen the number of breach notifications. Since many data protection authorities have a big backlog of data breach reports, it is not yet clear how organizations are being affected by potential GDPR fines.

2019 is likely to be the first year that GDPR’s policy enforcement will be tested on a broad scale. By implementing the core pillars of GDPR, organizations can ensure they meet the mandate’s requirements while strengthening their cyber security posture.

Source: GDPR – Improving Data Privacy and Cyber Resilience? | SecurityWeek.Com

Legislation to improve cybersecurity of IoT devices introduced in Senate, House

Bipartisan legislation to improve the cybersecurity of Internet-connected devices will be introduced today in the Senate and the House of Representatives.

The Internet of Things (IoT) Cybersecurity Improvement Act of 2019 would require that devices purchased by the U.S. government meet certain minimum security requirements.

Source: Legislation to improve cybersecurity of Internet-of-Things devices introduced in Senate, House : Augusta Free Press

Cybersecurity Firms Issue Annual Threat Reports

CrowdStrike, FireEye and IBM Security recently released their annual threat reports. These reports contain a wealth of information on recent trends in cybersecurity attacks and recommendations on the preventive measures companies can take to protect themselves.

Reports can be found here:

Source: Cybersecurity Firms Issue Annual Threat Reports

Most ICO data breach reports late and incomplete prior to GDPR

A Freedom of Information (FOI) request from the Information Commissioner’s Office (ICO) was released today revealing the number of late and incomplete data breach reports prior to GDPR.

It found that businesses routinely delayed data breach disclosure and failed to provide important details to the ICO in the year prior to the GDPR’s enactment.

On average, businesses waited three weeks after discovery to report a breach to the ICO, while the worst offending organisation waited 142 days. The vast majority (91%) of reports to the ICO failed to include important information such as the impact of the breach, recovery process and dates.

Source: Most ICO data breach reports late and incomplete prior to GDPR, reveals FOI

Data breaches up 400 percent, 15 billion records compromised

The number of data breaches increased more than 400 percent in 2018, exposing almost 15 billion records, according to the identity intelligence company 4iQ.

The company’s annual report confirmed 12,440 new breaches, a 424 percent increase compared to 2017. Of the 14.9 billion records compromised, 3.6 billion were confirmed real and exposed for the first time and were not part of an earlier breach. Government agencies were the fastest-growing target, suffering a 291 percent increase in data breach incidents, and the United States and China were home to 47 percent of all breached records, 4iQ found.

Source: Data breaches up 400 percent, 15 billion records compromised: report | SC Media
