IT Governance

DECEMBER 21, 2023

To find out, we looked at the ICO’s (Information Commissioner’s Office) public data set , specifically looking into four data breach types caused by human error: Data emailed to incorrect recipient. Data posted or faxed to incorrect recipient. Failure to redact. Failure to use Bcc. This isn’t too surprising.

Data breaches 52

Data breaches Personal data Government GDPR 52

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. But those aren’t the only laws or regulations that affect IT security teams.

Data Privacy 145

Data Privacy Compliance Privacy Security 145

IT Governance

NOVEMBER 24, 2021

But as is often the case with technological solutions, the benefits of convenience comes with security risks. In this blog, we look at the top five Cloud security challenges that organisations face, and provide tips on how to overcome them. Data breaches. The website is simply designed to look like the real thing.

Cloud 133

Cloud Risk Security Data breaches 133

IT Governance

JULY 12, 2019

Digital Guardian recently asked a group of cyber security experts what the most important step is following a data breach. So how should you approach a data breach investigation? This might be, for example,the victim’s computer, a web page or a physical space in which documents were compromised.

Data breaches 103

Data breaches Computer and Electronics Education Access 103

The Last Watchdog

SEPTEMBER 25, 2023

If you’re a small business looking for the secret sauce to cybersecurity, the secret is out: start with a cybersecurity policy and make the commitment to security a business-wide priority. The average cost of a cybersecurity breach was $4.45 Security places a crucial role in your technology. Stay educated. Stay proactive.

Cybersecurity 222

Cybersecurity Data breaches Compliance Phishing 222

Krebs on Security

JUNE 13, 2018

And now she’s celebrating a small but symbolic victory after a small claims court awarded her $600 in damages stemming from the 2017 breach. Vermont librarian Jessamyn West sued Equifax over its 2017 data breach and won $600 in small claims court. Others are following suit. I was willing to do the work and go to court.

Data breaches 173

Data breaches Personal data Privacy Libraries 173

Thales Cloud Protection & Licensing

OCTOBER 17, 2023

Cyber Security Awareness Month – Answering Google’s Most Commonly Asked Questions madhav Wed, 10/18/2023 - 05:25 This month is Cyber Security Awareness Month , highlighting how far security education needs to go in order to enable a secure interconnected world. Data Sovereignty What is data sovereignty?

Security awareness 129

Security awareness Security Passwords Authentication 129

IT Governance

OCTOBER 6, 2022

This October is Cyber Security Awareness Month, an event designed to educate people about information security and the steps they can take to stay safe online. Now in its nineteenth year, the campaign provides tools and resources to help people learn more about the cyber security industry and the ways they can get involved.

Security awareness 130

Security awareness Security Phishing Passwords 130

Data Matters

AUGUST 9, 2021

On July 16, 2021, Governor Lamont signed An Act Concerning Data Privacy Breaches , which will take effect on October 1, 2021. The UPDPA does not include a definition of a “security breach” or data breach notification requirements to individuals or regulators.

Data breaches 88

Data breaches Privacy Personal data Data Privacy 88

IT Governance

AUGUST 31, 2018

Another week, another example of an email using the Cc (carbon copy) field instead of the Bcc (blind carbon copy) field. While this incident was undoubtedly caused by human error, it is a reminder that an organisation’s employees can pose a significant threat to data security. This time, it was West Ham United Football Club.

Data breaches 40

Data breaches Education Risk Communications 40

The Last Watchdog

DECEMBER 30, 2021

Related: Turning workers into security security sensors. What’s more, WFM tools can help reinforce best security practices needed as companies increase their reliance on a remote workforce and using cloud-based software. Let’s discuss some of the reasons why WFM software can improve productivity – and security.

Security 113

Security Data breaches Cybersecurity Digital transformation 113

IBM Big Data Hub

FEBRUARY 1, 2024

Filling these vacancies has become a security imperative, and several global compliance mandates have been established to tackle the issue. For example, in the US, the 2023-2025 CISA Cybersecurity Strategic Plan aims to increase basic-level cyber skills across the country, transform cyber education and boost the cyber workforce.

Cybersecurity 95

Cybersecurity Data breaches Education Security awareness 95

IT Governance

DECEMBER 20, 2022

Although there have still been a few surprises, with the death of Queen Elizabeth II and blazing heatwaves across the UK to name but two, it was a familiar year in the cyber security landscape. Cyber criminals continued to wreak havoc, with the likes of Twitter , Uber and Neopets all reporting mammoth data breaches.

Security 132

Security Data breaches Ransomware Military 132

eSecurity Planet

OCTOBER 16, 2023

Public cloud security refers to protections put in place to secure data and resources in cloud environments shared by multiple users or organizations. These safeguards, when combined with adherence to security best practices and standards, establish a strong security architecture for public cloud environments.

Cloud 101

Cloud Security Encryption Compliance 101

IT Governance

JANUARY 24, 2024

Expert insight from Leon Teale into the implications of this historic data breach The security researcher Bob Diachenko and investigators from Cybernews have discovered an open instance with more than 26 billion data records, mostly compiled from previous breaches – although it likely also includes new data.

Passwords 139

Passwords Data breaches Encryption Risk 139

The Last Watchdog

AUGUST 23, 2021

With many employees now working remotely, securing company data isn’t as straightforward as it used to be. International workforces can be an excellent way to find top talent, but they can introduce unique security risks. Inconsistent data regulations. For example, suppose you have workers in the EU.

Communications 223

Communications Cybersecurity GDPR Risk 223

IBM Big Data Hub

JULY 7, 2023

Threats to your data are virtually everywhere these days, and too often, data compromises seem almost inevitable. But with a proactive approach to data security, organizations can fight back against the seemingly endless waves of threats. Data breaches can be disastrous for organizations.

Security 40

Security Data breaches Data Privacy Compliance 40

IT Governance

MAY 27, 2021

For all the talk of criminal hacking, ransomware infections and the technologies to prevent them, the key to protecting your organisation is cyber security awareness training. Indeed, according to Ponemon Institute’s Cost of a Data Breach Report 2020 , 23% of data breaches were caused by human error.

Security awareness 119

Security awareness IT Security GDPR 119

Troy Hunt

DECEMBER 21, 2017

In the first 4 parts of "Fixing Data Breaches", I highlighted education , data ownership and minimisation , the ease of disclosure and bug bounties as ways of addressing the problem. That was in November 2015, a mere 3 months after the Ashley Madison data breach. This is an incident where 4.8

Data breaches 50

Data breaches GDPR Education Personal data 50

IT Governance

MAY 16, 2019

Verizon’s annual DBIR (Data Breach Investigations Report) is among the most valuable studies in the security industry, so the release of the 2019 edition this week is cause for celebration. The reports are renowned for detailed analysis, with the latest study delving into more than 41,000 security incidents.

Data breaches 67

Data breaches Sales Phishing Education 67

Privacy and Cybersecurity Law

AUGUST 15, 2018

The ICO have been discussing data breach reporting under GDPR in a new webinar. Here are the key points: GDPR introduces mandatory breach reporting. This applies to accidental breaches and internal breaches – not just those that are deliberate or are about losing personal data externally.

Data breaches 45

Data breaches GDPR Personal data Risk 45

Troy Hunt

DECEMBER 20, 2017

This week, I've been writing up my 5-part guide on "Fixing Data Breaches" On Monday I talked about the value of education ; let's try and stop the breach from happening in the first place. 8 days after trying to raise them, they finally acknowledged the breach and reported it to their customers.

Data breaches 87

Data breaches Risk Security IT 87

IT Governance

APRIL 5, 2023

Malware is one of the most common cyber security threats that organisations and individuals face. For example, they can only spot known types of malware, and according to the AV-Test Institute , almost half a million new types of malware are detected each day. However, those tools are not flawless. But how exactly does malware work?

Encryption 126

Encryption Data breaches Phishing Government 126

eSecurity Planet

MARCH 29, 2024

Data loss prevention (DLP) refers to a set of security solutions that identify and monitor information content across storage, operations, and networks. DLP solutions help detect and prevent potential data exposure or leaks. An effective DLP solution provides the security team a complete visibility of their networks.

Data breaches 70

Data breaches Compliance Risk Access 70

IT Governance

JUNE 21, 2019

Anyone looking for advice on how to achieve effective cyber security should consider the NCSC’s (National Cyber Security Centre) 10-step guide. Organisations must understand the risks they face before implementing security measures. Organisations must understand the risks they face before implementing security measures.

Security 91

Security Data breaches Risk Access 91

IT Governance

DECEMBER 9, 2021

Cloud security is an essential part of today’s cyber security landscape. With hybrid working now the norm, many organisations are relying on Cloud services to access data from home or the office. This might include spotting misconfigured firewalls or physical security threats.

Cloud 126

Cloud Security Authentication Risk 126

IT Governance

JULY 25, 2018

One overlooked side-effect of the GDPR (General Data Protection Regulation) is the extent to which data privacy and information security have become widely discussed. For example, the below screenshot shows a friend asking me about a suspicious link. The cost of a data breach is significantly higher than that….

GDPR 68

GDPR Phishing Security Data Privacy 68

IT Governance

FEBRUARY 26, 2020

Decathlon, the world’s largest sporting goods retailer, has suffered a massive data breach, affecting 123 million customer and employee records. Cyber security researchers at vpnMentor found a leaky database on a publicly accessible Elasticsearch server. Customers’ email addresses and login information were also compromised.

Retail 131

Retail Phishing Data breaches Education 131

IT Governance

JANUARY 26, 2022

According to the study, 48% of executive managers said that employees had received no cyber security training in the last two years. Meanwhile, 32% said they didn’t have a cyber security programme within their organisation and only half of organisations have a formal cyber security incident response plan.

Data breaches 111

Data breaches Phishing Access Passwords 111

IT Governance

APRIL 28, 2020

If you’re among the millions of people working from home while also trying to entertain and educate your kids during the coronavirus pandemic, we imagine things have been pretty chaotic. The Internet can be a dangerous place, which is why we talk so often about the importance of secure browsing. Watch out for phishing emails.

Security 108

Security Phishing Personal data Risk 108

IT Governance

JULY 28, 2020

Blackbaud, which provides education administration, fundraising and financial management software, was infected with ransomware, giving cyber criminals access to a wealth of sensitive information. At least eight educational institutions in the US and Canada were also affected, as well as several charities on both sides of the Atlantic.

GDPR 124

GDPR Education Ransomware Data breaches 124

eSecurity Planet

DECEMBER 7, 2023

This guide will provide a high level overview of encryption and how it fits into IT through the following topics: How Encryption Works To understand how encryption works, we need to understand how it fits into the broader realm of cryptology, how it processes data, common categories, top algorithms, and how encryption fits into IT security.

Encryption 110

Encryption IT Passwords IoT 110

Thales Cloud Protection & Licensing

JUNE 15, 2023

A Guide to Key Management as a Service madhav Thu, 06/15/2023 - 11:29 As companies adopt a cloud-first strategy and high-profile breaches hit the headlines, securing sensitive data has become a paramount business concern. The most effective way to ensure data security is through encryption and proper key management.

Encryption 133

Encryption Compliance Cloud Authentication 133

IT Governance

JULY 6, 2022

Research presented at the USENIX SOUPS security conference in 2020 supports the theory, although it was slightly more optimistic. It found that employees will recall cyber security staff awareness guidance for four months before their knowledge begins to fade. Ideally, examples should be used to make the lessons clearer.

Information Security 105

Information Security Data breaches Education Phishing 105

Troy Hunt

DECEMBER 19, 2017

Yesterday, I wrote the first part of this 5-part series on fixing data breaches and I focused on education. The next few parts of this series all focus on cures - how do we fix data breaches once bad code has already been written or bad server configurations deployed? " I don't know what's in those 42 pages.

Data breaches 53

Data breaches Personal data GDPR Data collection 53

IT Governance

NOVEMBER 24, 2022

Organisations that suffer security incidents are sometimes said to be victims of “cyber extortion”, but it’s often unclear what exactly that phrase means. For example, if a criminal hacker stole payment card data, they could make bogus payments on victims’ cards for goods or services. Examples of cyber extortion.

IT 130

IT Ransomware Encryption Phishing 130

IT Governance

OCTOBER 10, 2022

The attacker might, for example, search social media to find the name, email address and job title of a company director. According to the breach disclosure to the State Data Protection Inspectorate in Lithuania – where Revolut has a banking licence – 50,150 customers were affected. Further headaches for Revolut.

Phishing 124

Phishing Passwords Personal data Data breaches 124