With up to 60 million customers affected, the recent security breach at North America’s largest hardware store, The Home Depot, once again proves that even some of the largest retailers have not implemented business processes that ensure the timely detection and communication, if not prevention, of such incidents. This post sheds a light on their dire consequences for consumers and what lawmakers in the U.S. and the E.U. intend to do about it.
On January 14, 2013, the UK Information Commissioner’s Office imposed Sony PlayStation Network a monetary penalty of GBP 250,000 for its serious breach of the UK Data Protection Act – a penalty Sony eventually decided not to appeal in July. The penalty comes after the company was hacked in April 2011, compromising the personal information of millions of its customers. In this article, I highlight why the ICO made a brilliant move and interpretation of the Act.
Recent massive data breaches lead us to discuss the movement for new thinking, new strategies and new leadership amongst IT security. In the new paradigm, flat-out prevention is no longer the goal. Companies need to pursue nuanced risk-management decisions that protect yet allow them to do business.
In a world where a residential fire occurs every 79 seconds, a laptop is stolen every 53 seconds and a hard drive crashes every 15 seconds, citizens are crying out for help. Do not fear, the Backup Battalion is here! Watch how these super-powered information protectors defend the planet from data-munching monsters and cloud-thrashing titans. Interested in joining the team? Then gather your favorite pair of spandex and read on!
Implementation of Privacy by Design and Technical and Organizational Security Measures: The Data Masking Solution
The European Union is working on a revised set of rules for its data protection framework. The concept and principles of “privacy by design” has been incorporated in this draft. We will assess how data masking can be considered an effective data security measure and whether data masking fulfills privacy by design principles. Data masking is not encryption. It is a technique that provides for the replacement of real data with fictitious but realistic data in test environments.