Free tools and resources for Data Protection Officers!

Tag Archives for " data breach "

The 15 Worst Data Breaches of the 21st Century

It’s not exactly an honor roll that CSO has published , but it sure makes for interesting reading. Hat tip to Dave Ries for sharing the list. As a caveat, the list is based not necessarily on the number of records compromised, but on how much risk or damage the breach caused for companies, insurers and users or account holders.

Source: The 15 Worst Data Breaches of the 21st Century

Reasonable Retention Of Personal Information: The Compliance Advantage Of Risk-Based Polices And Procedures For Information Governance

A recent privacy breach case in Canada offers practical guidance for organizations anywhere to avoid the over-retention of personal data. A May 2017 Order from the Office of the Information and Privacy Commissioner of Alberta provides new insight into the requirement under section 35 of the Personal Information Protection Act to retain personal information only as long as reasonably required.

Source: Reasonable Retention Of Personal Information: The Compliance Advantage Of Risk-Based Polices And Procedures For Information Governance

Why the WannaCry outbreak should be a wake-up call

WannaCry, the ransomware that recently swept the world and brought down computer systems in more than 100 countries, can be viewed as many things: an attempt to extort money from individuals and businesses whose data was taken hostage; an atrocity that put human life at risk in the case of compromised medical systems and medical devices; and a focal point in discussions on responsible disclosure, to name just a few.

But boiled down, WannaCry should be universally viewed as one thing: a wake-up call.

Source: Why the WannaCry outbreak should be a wake-up call

On Balancing Insider-Threat Protection and Employee Privacy

Insider attacks is serious threat to business. They are hard to detect and stop with traditional preventative controls. Cloud computing and BYOD makes it even harder. However, practices engaged in by business to secure their data and prevent data breaches may come in conflict with employees right to privacy.

Source: On Balancing Insider-Threat Protection and Employee Privacy

Meet Chris Vickery, the internet’s data breach hunter

Vickery is security researcher. His job is simple: find leaked and exposed data before the bad guys do. His work has resulted in protecting the personal information and privacy of tens of millions of people. In recent years Vickery has made more headlines than almost any other person, and yet his name remains unknown for many.

Source: Meet Chris Vickery, the internet’s data breach hunter

>