DATA BREACHES: TRENDS, COSTS AND BEST PRACTICES 2008 gives you all the latest information on securing personal and corporate data and responding to data breaches - order your copy today!
Data breaches: Trends, costs and best practices 2008, from IT Governance Publishing, gives you the latest information and worldwide trends in corporate data breaches - those that affect personally identifiable information and contravene laws such as the UK Data Protection Act, HIPAA and so on - and identifies best practice for avoiding business, regulatory and brand damage.
As organisations work out how to tackle their data security in the post-HMRC world, this report gives up-to-the-minute insights and guidance.
Timely and authoritative, this report is aimed at executives, information security managers, risk managers, auditors, compliance managers, stakeholders and data controllers worldwide. It:
- assesses the reality in today's data breach landscape,
- recognises the real, damaging trends that affect businesses, stakeholders and individuals and
- identifies current and emerging best practice in controlling the risks - and costs - arising from inadequate security in relation to personal data.
DATA BREACHES: TRENDS, COSTS AND BEST PRACTICES 2008 - Contents
- Introduction - the importance and value of personally identifiable information in today's digital economy
- Key recommendations for immediate action to improve data security
- Trends in reported data breaches in the 21st century - numbers, sectors, consideration of insider vs outsider threats
- Costs of data breaches - costs to organisations - unavoidable legal costs, brand restoration costs, customer churn, legal action, costs to customers, banks, police organisations and through fraud
- Data protection legislation and regulation – EU and UK, US, Canada, Australia, South Africa – including:
- Rights of data subjects (subject access requests & the sharing of sensitive personal data within the public sector)
- Sectoral regulation: the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, Safe Harbor, HIPAA, the Federal Information Security Management Act (FISMA), the Federal Financial Institutions Examination Council standards (FFIEC), Sarbanes-Oxley (SOX), Basel II
- Outsourcing
- The Payment Card Industry Data Security Standard (PCI DSS)
- Causes of data breaches - external and internal
- Trends in data breach causes - US and UK examined in detail
- 10 key recommendations for immediate improved data security
APPENDIX A. Glossary
APPENDIX B. Examples of data breaches by cause
APPENDIX C. Examples of data breaches, organisational cost & impact
APPENDIX D. US State Laws on Data Breach Notification
APPENDIX E. European Directive on Data Protection
APPENDIX F. References
Data breaches - key risk areas
This report, which draws on a recent IT Governance survey as well as extensive research of public and private information resources, contains authoritative and practical recommendations on tackling data breach risk, and is relevant to any organisation that uses or might be at risk from:
- Laptops
- Portable storage media
- Hacking
- Web application vulnerabilities
- Phishing, pharming and whaling
- Social engineering
- Incident response, remediation and recovery
The failure of imagination at the heart of data insecurity
Critically, this report identifies the real failures at the heart of data insecurity - in the recent IT Governance survey, for example, sixty-eight percent of employees admitted to bypassing their employers’ information security controls in order to do their jobs.
This finding suggests that, even in some of the most sophisticated and security-conscious organisations, managers are failing to understand the correct balance between the requirements in respect of confidentiality and availability of information. By implementing the wrong policies and procedures, they are potentially putting their organisations at risk and may be undermining the legitimacy of information security in employees’ eyes.
This report, its findings and recommendations, will help organisations around the world strike the correct balance between data availability and data security.
Order this essential best practice report today for immediate download!
Authors: ITG Research and Analysis Team
ISBN: 9781905356539
Format: Adobe eBook
Publication Date: 15 April 2008
Availability: Always Available
