Information Security Products And Services - Global Strategic Business Report
- Language: English
- 2008 Pages
- Published: October 2012
- Region: World
Data Breaches: Trends, Costs and Best Practices covers securing personal and corporate data and responding to data breaches.
Data Breaches: Trends, Costs and Best Practices, from IT Governance Publishing, gives you the key information and worldwide trends in corporate data breaches - those that affect personally identifiable information and contravene laws such as the UK Data Protection Act and HIPAA - and identifies best practice for avoiding business, regulatory and brand damage.
As organisations work out how to tackle their data security, this report gives valuable insights and guidance.
This authoritative report is aimed at executives, information security managers, risk managers, auditors, compliance managers, stakeholders and data controllers worldwide. It assesses the reality in today's data breach landscape, recognises the real, damaging trends that affect businesses, stakeholders and individuals and identifies current and emerging best practice in controlling the risks - and costs - arising from inadequate security in relation to personal data.
Data breaches - key risk areas
This report, which draws on an IT Governance survey as
Introduction
Key recommendations
Trends in reported data breaches
The numbers of data breaches
The numbers of data breaches by sector
Data breaches arising from insider and outsider threats
Costs of data breaches
Costs to organisations
Unavoidable costs that are consequent on compliance with a data breach law
Costs that may be necessary to restore the brand
Costs resulting from customer churn
Costs resulting from legal action
Costs to customers
Costs to banks
Costs to police/federal organisations
Costs incurred through the fraudulent purchase of goods
Data protection legislation and regulation
Europe
The UK
Rights of data subjects (subject access requests)
The sharing of sensitive personal data within the public sector
The US
The Gramm–Leach–Bliley Act
The Fair Credit Reporting Act
Safe Harbor
Health Insurance Portability and Accountability Act (HIPAA)
The Federal Information Security Management Act (FISMA)
Federal Financial Institutions Examination Council standards (FFIEC)
The Sarbanes–Oxley Act (SOX)
Basel 2
Canada
South Africa
Australia
Outsourcing
The Payment Card Industry Data Security Standard (PCI DSS)
Causes of data breaches
External threats
Hacking
Phishing, pharming, whaling and other targeted attacks
Malware
Fraud
Physical theft
Social engineering attacks
Internal threats
Disposal
E-mail
Lost portable storage media
Web application weaknesses
Trends in data breach causes
Causes of data breaches in the US
Causes of data breaches in the UK
Recommendations for improved data security
Create a defence-in-depth using ISO27001
Organisational processes
Encryption
Laptop encryption
Encryption of portable storage devices
Wireless encryption
Establish rigorous procedures to ensure physical destruction of redundant computer drives and magnetic media prior to disposal
Protect credit card data
Provide regular training and awareness on legal responsibilities for all staff that deal with personal data
Deploy outward-bound channel (e-mail, instant messenger) filtering software, with customised dictionaries
Establish a vulnerability patching programme and deploy anti-malware software
Technical vulnerability patching
Implement anti-malware software
Implement a business-driven access control policy, combined with effective authentication
Authentication
Maintain an inventory of the types of data held, apply an information classification system, and ensure that data retention and destruction, of both electronic and paper-based information, is carried out in line with a formal matrix of data retention periods
Develop an incident management plan that enables the organisation to respond effectively to any data breaches
APPENDIX A Glossary
APPENDIX B Examples of data breaches by cause
APPENDIX C Examples of data breaches showing consequent organisational cost and impact
APPENDIX D State laws governing security breach notification
APPENDIX E European Directive on Data Protection
- Europe
- United Kingdom
- United States
- Canada
- South Africa
- Australia
| Format | Delivery | License |
|---|---|---|
| Electronic (PDF) | The report will be emailed to you. The report is sent in PDF format. | This is a single user license, allowing one specific user access to the product. |