BreachExchange mailing list archives
Industry prepares for new ICO penalties starting next month
From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Fri, 19 Mar 2010 23:41:50 -0400
http://www.infosecurity-magazine.com/view/8155/industry-prepares-for-new-ico-penalties-starting-next-month/ The IT security industry - and its customers - are starting to prepare for the introduction of new and stiff penalties for organisations that allow data to be stolen or leak, and could reasonably be said to be aware of the risk. The new rules - from the Information Commissioners Office (ICO) - kick in on the 6th of April and, says Richard Turner, chief executive of Clearswift, the most significant change is the level of financial penalty which is set to rise to a maximum of £500 000 (from £5 000), for those companies who do not comply with the Act. Turner says that his firm has been helping companies protect their data for almost two decades and has developed some of the most sophisticated content inspection technology in the industry to help companies to protect important or confidential data. "Organisations can no longer ignore the seriousness of corporate data breaches and not complying with the Data Protection Act. On 6th April 2010, the Information Commissioner is upping the financial penalties to act as a deterrent for companies who flout these rules", he said. "The loss of personal data or any data that organisations deem invaluable is unacceptable mainly because it is all preventable", he added. According to Turner, the term "accidental" is often used by organisations to highlight why things have gone wrong - but this just means that the data security policy was not defined, not shared or not enforced. Companies, he argues, can avoid attempted data breaches with web and email security solutions which are automated, ensure consistent management and monitoring of communication flows, as well as an ability to report on violations with roles-based access and audit logs which comply with process requirements. [..] _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Industry prepares for new ICO penalties starting next month Jake Kouns (Mar 19)