ROI Savings Using an ISO 27001 Organization
Last month, a seminar was held locally with many of the information security professionals in our area and an expert spoke of the necessity of having the ISO 27001 certification. After the formal presentation, this person was answering several pointed questions. One of those queries was about using vendors who also have the ISO 27001 certification and the specialist stated the cost of using a company that did not also have the security standard was going to be sizable. The organization was going to have to allocate resources to implement the same ISO controls at the vendor’s location that they were using at their site to meet their security plan.
Introducing the TechR2 ebook, "5 Reasons Why Onsite Data Destruction is Crucial to Protecting Your Brand"
[vc_row type=”grid” video_bg=””][vc_column width=”1/3″ dp_animation=””][vc_column_text dp_animation=””]TechR2, the certified leader of the onsite data destruction industry, has created a concise, easy-to-read ebook detailing the reasons why onsite data destruction can save your brand’s reputation and save your company millions. Written to benefit everyone from small business owners to the CISO’s of billion dollar companies, this ebook […]
21% Increase in Data Breaches in the First Half of 2014
21% Increase in Data Breaches in the First Half of 2014
395 data breaches have occurred that have been reported in the U.S. so far this year [By July 2014], a 21 percent increase over the same period last year.
In some of the cases, laptops or thumb drives containing information were stolen. And in many of the cases, the breaches were attributed to poor data security practices or simple errors that could have been avoided.
Protecting your brand: Stolen data from drives and media can hurt you
It’s important to have a system in place to destroy sensitive data onsite as soon as a device is retired or a hard drive fails. Drives filled with sensitive data that are left in accessible areas of a business are vulnerable to disgruntled employees as well as visitors.
Company vs. Service Provider: Data Breach Responsibility
have come across several articles over the past month or so that have talked about risk mitigation. This isn’t uncommon, but there was a recurring theme that I had to address. There has been confusion recently as to who holds more responsibility, the service provider or the company who created the data?
Avoiding a Data Breach: Best Practices for Data Destruction
In a perfect world all of the data is properly destroyed and the assets are either retired or resold. Companies are now transitioning to cloud based services and newer technology as a way to lower their costs in the long run, and the work required to manage these newer systems and software is much less. The main risk with this transition, that cannot be ignored, is the handling and disposal of sensitive data and the media it is stored on.
Data breaches in 2013 continue to change the data security landscape
Target and other retailer data breaches in 2013 have started conversations regarding credit card security and data breach notification legislation, and those conversations are continuing. Since the end of last year merchants have been quick to try and upgrade their current payment processing systems and bolster their network security. At the same time data security companies, lawmakers and payment processors all started to become more vocal about the fact that there needs to be higher and better standards set for technology and data security.
Data breaches in the news in 2014
Data breaches have been a popular topic of conversation already this year, much of this stemming from the large breaches that occurred at the end of last year. But going into 2014 we are continuing to hear more and more about data breaches. I am not sure if this is a product of the recent awareness of them, or due to their new found frequency. Either way it leaves us with a more compelling argument that data security for on-network and off-network devices is extremely important, and data breaches are going to continue to happen.
VA investigating security breach of veterans’ medical data
The Veterans Affairs Department’s inspector general has launched a criminal investigation into a physician assistant’s alleged downloading of veterans’ clinical data at its Atlanta medical center, sources have told Nextgov.
Cyber Security Reform Getting into Gear
There have been some big movements in our government recently to update and create new legislation regarding cyber security. On April 16, 2013 the House passed the Federal Information Security Amendments Act of 2013. This updates the previously defined Federal Information Security Management Act of 2002. This is the first significant reform to IT security standards in 11 years and it passed the House with a unanimous vote of 416-0.