IT Governance

FEBRUARY 7, 2019

This week, we discuss the compromise of Metro Bank’s two-factor authentication system, nearly one million cyber attacks on the Student Loans Company, nearly 60,000 GDPR breaches and a surprising discovery for some marine biologists. You can find all the GDPR resources you need in order to achieve compliance at itgovernance.co.uk/gdpr.

GDPR 56

GDPR Data breaches Authentication Compliance 56

DLA Piper Privacy Matters

JANUARY 23, 2020

It follows on the heels of a spate of activity from regulators, governments and international bodies who are trying to formulate a governance strategy to respond to the exponential growth in AI development and use. In so doing, it considers how future AI legislation would align with and complement the EU’s data protection laws.

GDPR 82

GDPR Paper Artificial Intelligence Risk 82

IT Governance

NOVEMBER 22, 2018

Two Tamworth men have been jailed for their part in the 2015 cyber attack on TalkTalk that saw the personal information of 156,959 customers compromised. In October 2016 the ICO (Information Commissioner’s Office) fined the company £400,000 for security failings that led to customer data being accessed. GDPR breach readiness.

Data breaches 70

Data breaches GDPR Personal data Risk 70

eSecurity Planet

OCTOBER 7, 2022

In a case that ups the stakes for CSOs dealing with data breaches, former Uber chief security officer Joe Sullivan was found guilty by a federal jury earlier this week of obstructing justice and of misprision (concealing) of a felony in connection with his coverup of a 2016 breach. See the Top Governance, Risk & Compliance (GRC) tools.

Security 117

Security Data breaches Compliance Cybersecurity 117

IT Governance

MARCH 17, 2021

Specifically, it covers the ways in which the Standard will help protect your organisation from cyber attacks, recover from incidents in the event of a breach and improve your corporate governance. IT Governance – An International Guide to Data Security and ISO 27001. Find out more. Find out more.

Information Security 111

Information Security Government GDPR Risk 111

IT Governance

APRIL 9, 2019

With the number of data breaches increasing every year, they are now a huge issue for organisations. 46% of all UK businesses identified at least one cyber breach in the past 12 months and and the International Data Cooperation predicts that a quarter of the world’s population will have been affected by a data breach by 2020.

Data breaches 69

Data breaches GDPR Compliance Risk 69

Security Affairs

JULY 22, 2019

New problems for Huawei, t he Czech unit of telecoms giant secretly collected personal data customers, officials and business partners. Huawei made the headlines again, according to the Czech public radio the Czech unit of Chinese telecoms giant secretly collected personal data of customers, officials, and business partners.

Personal data 86

Personal data Manufacturing Information Security GDPR 86

IT Governance

APRIL 23, 2019

The Supreme Court has given Morrisons permission to appeal a ruling that found the supermarket liable for a data breach caused by a malicious insider. Skelton was arrested soon after leaking the data and in July 2015 was sentenced to eight years in prison. This incident shows how complex liability can be regarding data breaches.

Data breaches 66

Data breaches Insurance GDPR Compliance 66

IT Governance

OCTOBER 6, 2018

According to the 2018 Cost of Data Breach Study , the average cost of a data breach is $3.86 By looking at some of the best-known data breaches, we can observe the effects they can have and how much they really can cost. The 2017 Equifax data breach resulted in significant loss, with at least 147.9 million (around £2.95

Data breaches 48

Data breaches GDPR Personal data Government 48

DLA Piper Privacy Matters

APRIL 1, 2020

Today the Supreme Court allowed an appeal in Morrisons v Various Claimants1, a significant judgment addressing the extent of an employers’ liability for data breaches maliciously committed by an employee. The Data Protection Act 1998 does not exclude the imposition of vicarious liability for statutory or common law wrongs. Background.

Data breaches 59

Data breaches GDPR Personal data Information governance 59

Security Affairs

AUGUST 18, 2018

billion data records have been exposed in data breached in the first half of 2018. According to a new report titled “ Mid-Year 2018 Data Breach QuickView ” published by the cyber threat intelligence company Risk Based Security some 2.6. billion data records have been exposed in the first half of 2018. billion records.

Data breaches 56

Data breaches Phishing Risk GDPR 56

Hunton Privacy

JULY 13, 2020

The AG also raised concerns regarding the Privacy Shield, an alternative mechanism for transferring personal data from the EU to the U.S. The judgment will be of great importance to businesses around the globe, the vast majority of which rely on SCCs to transfer personal data from the EU to the U.S., in the U.S.

Personal data 88

Personal data Privacy GDPR Risk 88

Hunton Privacy

JULY 16, 2020

In its judgment, the CJEU concluded that the Standard Contractual Clauses (the “SCCs”) issued by the European Commission for the transfer of personal data to data processors established outside of the EU are valid. EU Safe Harbor Framework in 2015, following an earlier challenge by the same privacy advocate. Background.

Privacy 108

Privacy Personal data GDPR Access 108

DLA Piper Privacy Matters

MAY 31, 2018

PECR sits alongside the Data Protection Act 2018 and the GDPR and provide data subjects with specific privacy rights in relation to electronic communications. customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings. Background. Proposals for change.

Government 40

Government Marketing Communications Privacy 40

DLA Piper Privacy Matters

JULY 1, 2019

If this happens, many organisations will be left without any practical solution to legitimise the international transfer of personal data outside the EEA and exposure to the threat of GDPR revenue based fines, regulatory sanctions including injunctions and third party claims for compensation. Why are SCCs and Privacy Shield important?

Privacy 94

Privacy Personal data GDPR Risk 94

IT Governance

JULY 5, 2018

The Australian law firm Slater and Gordon’s ill-fated £637 million acquisition of the professional services division of the British insurance outsourcer Quindell plc in 2015 has attracted a great deal of negative attention over the past few years. Worse fines if the GDPR had been in effect. Help complying with the GDPR.

GDPR 42

GDPR Compliance Personal data Data breaches 42

Security Affairs

JULY 13, 2019

Croatia government agencies targeted with news SilentTrinity malware. Cyberattack shuts down La Porte County government systems. UK ICO fines British Airways £183 Million under GDPR over 2018 security breach. Maryland Department of Labor discloses a data breach. Once again thank you! Pierluigi Paganini.

Security 53

Security Libraries Data breaches Ransomware 53

IT Governance

JULY 26, 2022

According to a Kaspersky report , a quarter of UK companies admit underfunding cyber security even though 82% of respondents have suffered data breaches. trillion) cost in 2015. The GDPR is being actively enforced throughout the EU and UK , so organisations must ensure compliance. What’s at stake? trillion (£8.8

Phishing 91

Phishing Data breaches GDPR Risk 91

Hunton Privacy

JANUARY 12, 2018

Following an attack on their system in 2015, the ICO found that the company had failed to take adequate steps to protect the personal data it held on its system. This decision sets the tone for companies at the dawn of the entry into force of the GDPR. the encryption keys for historical transactions were not stored safely.

Retail 40

Retail Personal data Security GDPR 40

ARMA International

DECEMBER 26, 2019

Government topped the list of vertical industries at 23%. Information Governance Programs Still a Work-In-Progress. In 2015, Forrester first posed the question “Have you restructured or re-organized your RIM and/or IT programs to support an information governance strategy?” participants at 77% and Canada at 17%.

Content services 76

Content services Cloud Records Management Privacy 76

IT Governance

JANUARY 11, 2018

Hello and welcome to the IT Governance podcast for Friday, 12 January 2018. Carphone Warehouse has been fined £400,000 by the Information Commissioner’s Office for breaching the Data Protection Act. There were also inadequate measures in place to identify and purge historic data.”. gdpr for more information.

Manufacturing 48

Manufacturing GDPR Personal data Government 48

IT Governance

JULY 6, 2018

This week, we discuss the unauthorised sharing of 150,000 patients’ confidential health data, the first ripples from the Typeform data breach, and a £4,500 fine for a company that didn’t register with the ICO. Hello and welcome to the IT Governance podcast for Friday, 6 July. Here are this week’s stories. healthcare.

Data breaches 49

Data breaches GDPR Personal data Risk 49

Security Affairs

MAY 30, 2019

Any data that is held in mainland China is wide open to access by Chinese authorities, confirming US Senators’ recent fears of American data falling into Chinese or Russian hands. This can lead to users’ data being stolen and sold on the black market, or even having their computers hacked into. Pierluigi Paganini.

Privacy 104

Privacy Cybersecurity GDPR Security 104

IT Governance

NOVEMBER 22, 2018

This week, we discuss Amazon’s exposure of customer names and addresses, jail sentences for two TalkTalk hackers, and a data breach affecting a City of York rubbish app. Hello and welcome to the IT Governance podcast for Friday, 23 November. Here are this week’s stories. Allsopp was a willing participant in the crime.

Data breaches 81

Data breaches Personal data Passwords Encryption 81

Information is Currency

MARCH 31, 2017

Digital transformation drives interest in governance, predictive analytics. A New Approach Due To Data Governance Due to IoT. GDPR Is Looming: How ECM Can Help Businesses Meet the Challenge. GDPR Is Looming: How ECM Can Help Businesses Meet the Challenge. The Right Way to Make Your Data Deliver.

ECM 40

ECM Digital transformation Metadata Sales 40

IT Governance

OCTOBER 10, 2019

These standards were introduced in 2015, explaining how organisations should protect sensitive information in the Cloud. So, you’d pick a set of controls from Annex A for your ‘normal’ data and a set of controls from ISO 27017 for data in the Cloud. appeared first on IT Governance Blog. ISO 27017 and ISO 27018.

Information Security 70

Information Security Personal data Risk Cloud 70

IT Governance

AUGUST 21, 2019

Last month, Life at Parliament View was fined £80,000 by the ICO (Information Commissioner’s Office) after security errors exposed 18,610 customers’ personal data for almost two years. During its investigation, the ICO discovered many security practices that contravened the DPA (Data Protection Act) 1998.

Security 51

Security Access Personal data Authentication 51

HL Chronicle of Data Protection

JUNE 13, 2019

Privacy Shield brought by three French NGOs, La Quadrature du Net, French Data Network and Fédération FDN. In response to that ruling, the European Commission authorised a new scheme in collaboration with the US government, the Privacy Shield, which came under challenge from the French NGOs listed above in November 2016.

Privacy 40

Privacy Personal data GDPR Government 40

IT Governance

DECEMBER 13, 2018

Hello and welcome to the final IT Governance podcast of 2018. Even government and public bodies’ websites – including, ironically, the ICO – were found to be running cryptomining software after a third-party plug-in was compromised, but it transpired. And, of course, on 25 May the GDPR came into effect.

Data breaches 55

Data breaches Personal data Access GDPR 55

IT Governance

AUGUST 3, 2018

This week, we discuss the 10 million affected by Dixons Carphone’s 2017 data breach, the exposure of hundreds of thousands of clothes shoppers’ details, Yale University’s ten-year old data breach, and a return to typewriters for government workers in Matanuska-Susitna Borough in Anchorage. million.

Data breaches 42

Data breaches GDPR Passwords Government 42

Security Affairs

NOVEMBER 18, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. a very strange scam attempt. a very strange scam attempt. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security 54

Security IoT Paper GDPR 54

IT Governance

OCTOBER 11, 2018

Hello and welcome to the IT Governance podcast for Friday, 12 October. When we started this podcast back in July 2015 I confess I expected it to be a short-lived experiment that would fizzle out by the end of the summer. Here are this wee- actually, can we have a quick word about that theme tune?

Personal data 57

Personal data Manufacturing Data breaches Information Security 57

AIIM

NOVEMBER 2, 2017

Data privacy breaches have been in the news again and again this year, eliciting increased concern from regulators and legislative bodies. But one of the most important data privacy milestones on the horizon in 2018 has its roots far earlier, and has been of utmost concern to multinational organizations. But more on them later.

GDPR 88

GDPR Privacy Compliance Information architecture 88

eDiscovery Daily

MARCH 2, 2020

Know Where Your Data Is. There are two notable Rules updates that have significant eDiscovery impact: the 2006 and 2015 updates. Know Where Your Data Is: When it comes to knowing where your data is, a data map comes in really handy. A more recent term that has become synonymous is Information Governance.

Records Management 45

Records Management Information governance Government Data Privacy 45

eDiscovery Daily

JANUARY 21, 2018

Tom also wrote a terrific four part informational overview on Europe’s General Data Protection Regulation (GDPR) titled eDiscovery and the GDPR: Ready or Not, Here it Comes. However, there are several obstacles to authentication of social media created by its unique nature as dynamic data stored online. State , 113 A.3d

Computer and Electronics 47

Computer and Electronics Authentication GDPR Government 47

IT Governance

JANUARY 4, 2018

Hello and welcome to the first IT Governance podcast of 2018. The three biggest infosec stories of 2017 were, arguably, the Yahoo data breach, the WannaCry ransomware outbreak and the Equifax data breach. Cleartext passwords, payment card data, and bank account information were not affected. Happy new year.

Passwords 51

Passwords Data breaches GDPR Encryption 51

Data Protection Report

DECEMBER 20, 2019

Yesterday, the Advocate General (“ AG ”) concluded that, in his opinion, the EU Standard Contractual Clauses (“ SCCs ”) are a valid mechanism to transfer personal data outside of the European Economic Area (“ EEA ”). But, for the time-being, data flows can continue as usual. It could also have ramifications for the UK after Brexit.

Privacy 40

Privacy Personal data Risk Access 40