Free tools and resources for Data Protection Officers!

Category Archives for "Research"

Most organisations still misunderstand cloud security

A report based on a survey of over 700 respondents from the United States, Canada and UK, foundthat 60% of respondents misunderstand the shared responsibility model for cloud security and incorrectly believe the cloud provider is responsible for securing privileged access.

Furthermore, 68% of organisations are not employing a common security model or enforcing least privilege access to reduce risk, and the majority list security as their main challenge with cloud migrations.

Source: #Privacy: Most organisations still misunderstand cloud security, report reveals

Tech and mobile companies want to monetise your data … but are scared of GDPR 

The vast majority of technology, media and telecom (TMT) companies want to monetise customer data, but are concerned about regulations such as Europe’s GDPR, according to research from law firm Simmons & Simmons.

It found that 78 per cent of companies have some form of data commercialisation in place but only 20 per cent have an overarching plan for its use.

Survey also revealed that 53 per cent of TMT companies think they need to improve their understanding of data privacy regulation. Meanwhile, just 31 per cent of respondents said they had updated their communication to customers on data collection and use in the last two years – despite a number offering financial incentives and offering a more personalised service to incentivise data sharing.

Source: Tech and mobile companies want to monetise your data … but are scared of GDPR • The Register

Study reveals 2019’s darkest cyber-threats

Webroot has released its third annual Nastiest Malware list, shedding light on 2019’s worst cybersecurity threats.

From ransomware strains and crypto-mining campaigns that delivered the most attack payloads to phishing attacks that wreaked the most havoc, it’s clear that cyber threats across the board are becoming more advanced and difficult to detect.

Full article: #Privacy: Study reveals 2019’s darkest cyber-threats

Consumers balance data privacy against personalisation

Consumers are willing to share their personal data in exchange for personalisation, depending on whether the service meets their expectations, according to Deloitte’s eighth annual Media Consumer Survey. And consumers want the ability to have their data removed, but the choice to do this is impacted by loss of personalisation, according to the survey.

The report found a desire for ownership and control of personal data, with 62 per cent of respondents believing they should have the right to ask a company to delete their data, and 65 per cent indicating interest in editing what’s collected. However, of the 62 per cent believing they should be able to request their data be deleted, only 31 per cent would do so if it meant losing features like personalised recommendations.

Source: Survey: Consumers balance data privacy against personalisation – CMO Australia

Only 25% of companies disclose data breaches despite GDPR

A high number of businesses in Europe are choosing to not disclose cyber-security breaches to the public, despite the risk of heavy GDPR fines, a new study reports.

Researchers discovered that 75% of cyber-attacks are not published, with many companies indicating that they turn a blind eye to their legal obligations.

According to the research, less than a fifth (19%) of corporations gave official notification of hacks they suffered over the last five years, despite 66% of firms surveyed saying they were aware of their legal obligations under new EU data laws in terms of reporting to their local Data Protection Authority.

Source: #Privacy: 25% of companies disclose data breaches despite in GDPR era

Ireland is top country for privacy protection

Ireland ranked first out of 47 countries ranked for privacy protection, according to a study by Comparitech, a website that researches and compares tech services with a score of 3.2.

Ireland is followed by Portugal, Norway, France and Denmark, all of which scored 3.1. Thailand and Malaysia posted scores of 2.6 out of 5, trailed only by India (2.4), Russia (2.1) and China (1.8) leaving those countries at bottom 5.

The study took into account a number of categories, ranging from use of biometrics and CCTV to data-sharing and retention laws.

Source: Thailand in bottom tier for privacy protection

Cyberattacks cost small companies $200K, putting many out of business

About 43% of cyberattacks are aimed at small businesses. On average, these cost $200,000, putting 60% of these companies out of business in six months.

At the same time, though, 66% of senior decision-makers at small businesses still believe they’re unlikely to be targeted by online criminals. Similarly, 6 in 10 have no digital defense plan in place whatsoever, underscoring the need for heightened industry awareness and education across the board.

Source: Cyberattacks cost small companies $200K, putting many out of business

Study Finds Rampant Lapses in Securing Access to Sensitive Information

Sila Solutions Group, a North American technology and management consulting firm, in partnership with the Ponemon Institute, a leading research organization on data protection and emerging information technologies, today released the results of The 2019 Study on Privileged Access Security.

70 percent think it likely that privileged users within their organizations are accessing sensitive or confidential data for no discernible business need and more than half expect privilege user abuse to increase in next 12-24 months.

According to respondents, privileged access rights also regularly remain active even after a role change (30 percent). 62 percent of participants felt it likely that their organization assigns privileged access rights that go beyond an individual’s role or responsibilities. This proliferation of access is emphasized with more than 75 percent of respondents having privileged access to three or more IT resources.

Source: Sila and Ponemon Institute Study Finds Rampant Lapses in Securing Access to Sensitive Information

Over 50% of companies have experienced a data breach

New research by Bitdefender discovered that 24% of companies have already suffered a data breach halfway through 2019.

While 57% of companies have experienced a data breach during the last years, 36% of infosec professionals stated that their companies could likely be facing a breach without knowing about it.

The security firm conducted a survey of more than 6,000 infosecurity professionals from organisations across the US, EMEA and APAC.

Source: #Privacy: Over 50% of companies have experienced a data breach

Only 28% Of Firms Are Complying With GDPR

The Capgemini Research Institute reports that only 28% of European firms have achieved full adherence with the law that took effect in May 2018.

U.S. firms are closest — 35% were compliant as of June of this year.

However, compliant firms say they are enjoying improved customer trust, brand image and employee morale. In addition, they have benefitted from improvements in their IT systems and cybersecurity practices.

Source: Only 28% Of Firms Are Complying With GDPR: Study 09/30/2019

1 2 3 28