Tag Archives for "cybersecurity"

GDPR – Improving Data Privacy and Cyber Resilience?

Even though GDPR has only been in effect for nine months, regulators across Europe have seen the number of breach notifications. Since many data protection authorities have a big backlog of data breach reports, it is not yet clear how organizations are being affected by potential GDPR fines.

2019 is likely to be the first year that GDPR’s policy enforcement will be tested on a broad scale. By implementing the core pillars of GDPR, organizations can ensure they meet the mandate’s requirements while strengthening their cyber security posture.

Source: GDPR – Improving Data Privacy and Cyber Resilience? | SecurityWeek.Com

Legislation to improve cybersecurity of IoT devices introduced in Senate, House

Bipartisan legislation to improve the cybersecurity of Internet-connected devices will be introduced today in the Senate and the House of Representatives.

The Internet of Things (IoT) Cybersecurity Improvement Act of 2019 would require that devices purchased by the U.S. government meet certain minimum security requirements.

Source: Legislation to improve cybersecurity of Internet-of-Things devices introduced in Senate, House : Augusta Free Press

Cybersecurity Firms Issue Annual Threat Reports

CrowdStrike, FireEye and IBM Security recently released their annual threat reports. These reports contain a wealth of information on recent trends in cybersecurity attacks and recommendations on the preventive measures companies can take to protect themselves.

Reports can be found here:

Source: Cybersecurity Firms Issue Annual Threat Reports

Most ICO data breach reports late and incomplete prior to GDPR

A Freedom of Information (FOI) request from the Information Commissioner’s Office (ICO) was released today, revealing the number of late and incomplete data breach reports prior to GDPR.

It found that businesses routinely delayed data breach disclosure and failed to provide important details to the ICO in the year prior to the GDPR’s enactment.

On average, businesses waited three weeks after discovery to report a breach to the ICO, while the worst offending organisation waited 142 days. The vast majority (91%) of reports to the ICO failed to include important information such as the impact of the breach, recovery process and dates.

Source: Most ICO data breach reports late and incomplete prior to GDPR, reveals FOI

Data breaches up 400 percent, 15 billion records compromised

The number of data breaches increased more than 400 percent in 2018, exposing almost 15 billion records, according to the identity intelligence company 4iQ.

The company’s annual report confirmed 12,440 new breaches, a 424 percent increase compared to 2017. Of the 14.9 billion records compromised, 3.6 billion were confirmed real and exposed for the first time, and were not part of an earlier breach. Government agencies were the fastest-growing target, suffering a 291 percent increase in data breach incidents, and the United States and China were home to 47 percent of all breached records, 4iQ found.

Source: Data breaches up 400 percent, 15 billion records compromised: report | SC Media

Study shows programmers will take the easy way out and not implement proper password security

In an experiment that involved 43 programmers hired via the Freelancer.com platform, University of Bonn academics have discovered that developers tend to take the easy way out and write code that stores user passwords in an unsafe manner.

For their study, the German academics asked a group of Java programmers to write a user registration system for a fake social network. The results show that the level of understanding of what “secure passwords” mean differs greatly in the web development community.

Paying developers higher rates didn’t help considerably, researchers said. However, the research team found that giving programmers specific instructions to implement a secure password storage system did yield better results than not saying anything at all and then expecting developers to think of security by themselves.

Source: Study shows programmers will take the easy way out and not implement proper password security | ZDNet

2 Billion Unencrypted Records Leaked In Marketing Data Breach

Another day, another mega data breach. Except this one is different. More than two billion unencrypted records with very detailed information including mortgage data and credit scoring. So, what’s happened and what should you do next?

Full article: 2 Billion Unencrypted Records Leaked In Marketing Data Breach — What Happened And What To Do Next

Is encrypted data personal data under the GDPR?

As businesses across the world have begun adjusting to life under the EU General Data Protection Regulation, an important question continues to crop up: Should encrypted data be treated as personal data?

The answer to this question has significant ramifications for the modern e-commerce world. At its most basic, encryption is a way of protecting the privacy of your data.

Full article: Is encrypted data personal data under the GDPR?

Zuckerberg posts Facebook mission statement on privacy and encryption

On Wednesday, Facebook CEO Mark Zuckerberg published a more-than-3,000-word blog post that seems to declare a major shift in Facebook’s strategy.

In it, he says he believes that “a privacy-focused communications platform will become even more important than today’s open platforms.” Zuckerberg explains that he wants Facebook to build a privacy-focused messaging and social networking platform.

Source: Zuckerberg: Facebook will shift focus to private networks instead of open ones | Ars Technica
