fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " study "

Study Finds Rampant Lapses in Securing Access to Sensitive Information

Sila Solutions Group, a North American technology and management consulting firm, in partnership with the Ponemon Institute, a leading research organization on data protection and emerging information technologies, today released the results of The 2019 Study on Privileged Access Security.

70 percent think it likely that privileged users within their organizations are accessing sensitive or confidential data for no discernible business need and more than half expect privilege user abuse to increase in next 12-24 months.

According to respondents, privileged access rights also regularly remain active even after a role change (30 percent). 62 percent of participants felt it likely that their organization assigns privileged access rights that go beyond an individual’s role or responsibilities. This proliferation of access is emphasized with more than 75 percent of respondents having privileged access to three or more IT resources.

Source: Sila and Ponemon Institute Study Finds Rampant Lapses in Securing Access to Sensitive Information

Non-disclosure of Data Breaches Negatively Affects Acquisitions and Mergers

A recent study has shown that a company’s cybersecurity program, and how it has handled any history of data breaches, has a significant impact on its monetary sales value.

The report, by (ISC)2, asked 250 US-based mergers and acquisitions experts looking at the importance of a company’s cybersecurity program, and how much of an impact its breach history has on its valuation ahead of a potential acquisition.

Their findings revealed that 49% of those experts have seen deals completely derailed after due diligence brought an undisclosed breach to light. Furthermore, 86% of respondents said that if a company publicly reported a breach of customer or other critical data in its past, it would detract from the allocated acquisition price.

Source: #SECURITY: Non-disclosure of Data Breaches Negatively Affects Acquisitions and Mergers

EU Parliament publishes study on Blockchain and GDPR

In recent times, there has been much discussion in policy circles, academia and the private sector regarding the tension between blockchains and the European Union’s General Data Protection Regulation (‘GDPR’).

Whereas, the GDPR is based on an underlying assumption that in relation to each personal data point there is at least one the data controller, blockchains make the allocation of responsibility and accountability burdensome.

Further, although the GDPR is based on the assumption that data can be modified or erased where necessary to comply with legal requirements, blockchains, however, render the unilateral modification of data purposefully onerous in order to ensure data integrity and to increase trust in the network.

Source: Blockchain and the General Data Protection Regulation – Think Tank

European Commission Releases Study on GDPR Data Protection Certification Mechanisms

European Commission has published a final report “Data Protection Certification Mechanisms: Study on Articles 42 and 43 of the Regulation
(EU) 2016/679”.

The overall aim of the study is to support the establishment of data protection certification mechanisms and of data protection seals and marks pursuant to Articles 42 and 43 GDPR.

More specific the purpose of the assignment is to: i) accompany the establishment of data protection certification mechanisms and of data protection seals and marks pursuant to Art. 42 and 43 GDPR and ii) collect all relevant information for the Commission in view of the possible implementation of Art. 43(8) GDPR on the requirements for the data protection certification mechanisms and of Article 43(9) GDPR on the technical standards for certification mechanisms and data protection seals and marks, and for mechanisms to promote and recognise those certification mechanisms, seals and marks.

Read report: Data Protection Certification Mechanisms: Study on Articles 42 and 43 of the Regulation (EU) 2016/679

Even if you’re off social media, your friends could be ruining your privacy

Social networks could use friends to predict what a person would post, researchers find.

A new study from researchers at the University of Vermont and the University of Adelaide found that they could predict a person’s posts on social media with 95 percent accuracy — even if they never had an account to begin with.

Full article: Even if you’re off social media, your friends could be ruining your privacy – CNET

On Facebook and Twitter your privacy is at risk

Individual choice has long been considered a bedrock principle of online privacy. If you don’t want to be on Facebook, you can leave or not sign up in the first place. Then your behavior will be your own private business, right?

The new study presents powerful evidence that the answer to that question is no. It shows that privacy on social media is like second-hand smoke. It’s controlled by the people around you.

Full article: Study: On Facebook and Twitter your privacy is at risk—even if you don’t have an account

Private Blockchains Could Be Compatible with EU Privacy Rules

A joint study between Queen Mary University of London and the University of Cambridge concluded that, whilst challenging, it is theoretically possible for organizations to design blockchain applications that fully comply with recently implemented EU ‘General Data Protection Regulation’.

Due to innate aspects of blockchain technology, like the immutability and inability to retrospectively remove customer data recorded as such, the problems become obvious when it comes to creating a solution compatible with this European regulation.

Full article: Private Blockchains Could Be Compatible with EU Privacy Rules, Research Shows

US Firms Have Begun Addressing GDPR Shortcomings

A survey of 145 US corporate directors of public company boards conducted by BDO USA during August 2018 has revealed that eight out of ten companies have taken steps to ensure they are complying with necessary data protection legislation. This included implemented such measures as completing a gap assessment and updating the company privacy policy.

The survey was conducted as part of the BDO  2018 Cyber Governance Survey which you can read here.

Source: Study by BDO USA Suggest US Firms Have Begun Addressing GDPR Shortcomings – Compliance Junction

Global study finds artificial intelligence is key cybersecurity weapon in the IoT era

As businesses struggle to combat increasingly sophisticated cybersecurity attacks, the severity of which is exacerbated by both the vanishing IT perimeters in today’s mobile and IoT era, coupled with an acute shortage of skilled security professionals, IT security teams need both a new approach and powerful new tools to protect data and other high-value assets.

Source: Global study finds artificial intelligence is key cybersecurity weapon in the IoT era

>