Davey Winder's Blog

Could your insecurity cost your boss half a million quid?

By Davey Winder in Editorial

Posted in Business, Data Protection, Security on April 8, 2010 at 10:00 pm


The answer, as from the start of this week, is a bloody big YES. According to a survey by Cyber-Ark, some 65 percent of people are ignorant of the fact, but the Information Commissioner’s Office has been granted new powers which came into effect on April 6th. These allow for fines of up to £500,000 if a business has insufficient security in place and this leads to a ‘deliberate or negligent’ breach of personal data.

The study of some 500 city workers uncovered an amazing level of ignorance amongst employees regarding the fines and the Data Protection Act rules which could lead to them. The fact that 65 percent said nothing had ever been mentioned to them could leave directors up to their necks in the smelly stuff in the event of a breach. The ICO reckons that it will certainly consider whether a breached organisation has taken ‘reasonable steps’ to prevent the breach from occurring.

Interestingly, some 71 percent of respondents reckoned that after they had been made aware of the financial implications to their employers they would be more careful when it comes to data handling. So maybe if you haven’t done so already you should be getting a memo out to all staff ASAP.

Especially if, as was the case with 64 percent of those asked, your employees carry customer data around with them on mobile devices. Some 38 percent of them admit that the data is protected by sweet FA, only 50 percent have even a password, and just a measly 12 percent use encryption of any kind.

Adam Bosnian, vice president of products and strategy for Cyber-Ark Software, says “people increasingly understand the need to protect their data, but for some reason it’s not always top of the CISO’s priority list – and it should be. We have been blown away by these findings especially to discover that, with a £500,000 fine hanging over UK directors as of the 6th April, workers are walking about with unprotected customer records. Education is one piece of the puzzle in making sure that those people who do have access to privileged data are responsible with it and recognise the vital role they play in an organisation’s compliance obligations. Organisations also need to control privileged users and accounts to protect sensitive information, such as customer data, from navigating its way into the wrong hands”.

Comments

Comment by Janice Taylor-Gaines - April 9, 2010 on 5:54 pm

In the realm of risk, unmanaged possibilities become probabilities: Most breaches are due to a lagging business culture. As CIO, I’m always looking for ways to help my teams. Required reading is “I.T. WARS: Managing the Business-Technology Weave in the New Millennium.” I like to pass along things that work, hoping good ideas make their way to me.

Pingback by IT PRO: Blogs: Davey Winder: How leaky is your data? - April 12, 2010 on 11:20 am

[…] of punishing new powers for the Information Commissioners Office regarding data loss, with fines of up to £500,000 for those found to be neglectful in the light of a data breach, only helps to focus attention on […]

Comment by armchairanalyst - July 15, 2010 on 1:42 pm

Hrrm. Would that fine be per breach? Or a single fine where multiple systemic boneheadedness was occurring?

That's a rather good case for as little security as you can get away with. In the knowledge you pay a half mil naughty tax if it all goes pear-shaped for your company.

Bring on the Voodoo IT consultants.
