fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " report "

White Paper on Principles for a Revised U.S. Privacy Framework

The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP has issued a white paper on Ten Principles for a Revised U.S. Privacy Framework.

CIPL believes that the use of personal information and privacy can most effectively be regulated at the federal level, and puts forward ten principles that should be included in any new federal privacy framework to ensure appropriate protection for consumers while facilitating the digital economy, innovation and the responsible use of data.

Download the full paper to read more about the principles and why these are essential for inclusion in a new federal U.S. privacy framework.

Source: CIPL Issues White Paper on Principles for a Revised U.S. Privacy Framework | Privacy & Information Security Law Blog

EU citizens being tracked on sensitive government sites

EU governments are allowing more than 100 advertising companies, including Google and Facebook, to surreptitiously track citizens across sensitive public sector websites, in apparent violation of their own EU data protection rules, a study has found.

Danish browser-analysis company Cookiebot found ad trackers — which log users’ locations, devices and browsing behaviours for advertisers — on the official government websites of 25 EU member states. The French government had the highest number of ad trackers on its site, with 52 different companies tracking users’ behaviour.

Source: EU citizens being tracked on sensitive government sites | Financial Times

Businesses are spending on cybersecurity, but failing to implement basic practices

Cybersecurity spending has increased, but research shows that organisations are still vulnerable to the most basic of cyber threats.

Just 36% of UK IT leaders are confident that their company’s current IT systems provide adequate protection against cyberattacks.

Full article: Businesses are spending on cybersecurity, but failing to implement basic cybersecurity practices | Verdict

Cybersecurity Firms Issue Annual Threat Reports

CrowdStrike, FireEye and IBM Security recently released their annual threat reports. These reports contain a wealth of information on recent trends in cybersecurity attacks and recommendations on the preventive measures companies can take to protect themselves.

Reports can be found here:

Source: Cybersecurity Firms Issue Annual Threat Reports

GDPR compliance boosts business, study shows

Businesses that are embracing the EU’s General Data Protection Regulation (GDPR) enjoy increased efficiency and are more attractive to investors, according to a new study by Cisco.

It was discovered that 59% of companies globally feel they are ready for the GDPR, with a further 29% claiming to be in good shape within 12 months.

Source: GDPR compliance boosts business, study shows

Organizations Taking Less Time to Detect Breaches

Internal security teams at enterprise organizations are generally getting better at detecting compromises, but it’s still taking them well over a month to discover them.

A FireEye analysis of global breach data from 2018 shows that half of all organizations last year took 50.5 days or longer to detect an intrusion after it first began. That was one week faster than the median of 57.5 days it took them in 2017.

Source: Organizations Taking Less Time to Detect Breaches

GDPR spurs cybersecurity improvements at biggest public companies

The introduction of the General Data Protection Regulation (GDPR) spurred the UK’s biggest public companies to improve the measures they put in place to protect data, according to a UK government survey.

“The 2018 Health Check indicates that GDPR has increased the attention FTSE 350 boards give to cyber risk,” the government’s survey report said. “Over three quarters of businesses (77%) report that board discussion and management of cyber risk has increased since the introduction of GDPR, and more than half (55%) of these businesses have increased measures as a result.”

Source: GDPR spurs cybersecurity improvements at FTSE 350 companies

Organisations should be doing more to achieve privacy accountability

The Global Privacy Enforcement Network’s (GPEN) annual intelligence gathering operation looked at how well organisations have implemented the core concepts of accountability into their own internal privacy policies and programmes.

Whilst there were examples of good practice, it was found that a number of organisations had no processes in place to deal with the complaints and queries raised by data subjects, and were not equipped to handle data security incidents appropriately.

Source: Organisations should be doing more to achieve privacy accountability | ICO

UK consumers more likely to abandon a breached company

A study by the payment security firm PCI Pal found British folks are far less forgiving of a company that suffers a breach, with 41 percent saying they would stop frequenting that store brand forever. Only 21 percent of Americans felt the same way.

Source: UK consumers more likely to abandon a breached company | SC Media

Ireland’s DPA publishes annual report

Ireland’s Data Protection Commission (DPC) has published its latest annual report, which covers the period from 25 May 2018, when GDPR took effect, to 31 December.

The report highlights an increase in the number of data protection complaints to the DPC since the GDPR took effect. The number of complaints raised in the period totalled 2,864 compared to 2,642 for the whole year in 2017.

Source: GDPR spurs increased awareness of data protection

>