BreachExchange mailing list archives
Ministry of Defence reports more than 1, 500 data loss incidents in the last five years
From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Thu, 15 Apr 2010 02:25:54 -0400
http://www.scmagazineuk.com/ministry-of-defence-reports-more-than-1500-data-loss-incidents-in-the-last-five-years/article/167919/ More than 1,500 incidents of the loss of confidential or personal data have been reported by the Ministry of Defence in the last five years. In a wash-up debate in parliament last week, Angus Robertson, Scottish National Party MP for Moray, asked Bill Rammell, Minister for the Armed Forces, how many incidents of the loss of confidential data held by his department have been reported in each of the last five years, and in each of the last 12 months. Rammell confirmed that a total of 1,705 incidents were reported between 2005 and 2009, with a high of 1,099 in 2008. He said: “The Ministry of Defence (MoD) takes any attacks on, or misuse of, its information, networks and associated media storage devices very seriously and has robust procedures in place to mitigate against and investigate such occurrences. “Furthermore, new processes, instructions and technological aids are continually being implemented to mitigate human errors and raise the awareness of every individual in the department with regards to cyber security.” In its defence, the MoD said that ‘in a number of these cases the documents were historical and so the original protective marking would have been eligible to be considered for downgrading' and would reduce any risk of compromise. As to how they were discovered, it said a number of these incidents came to light as a consequence of thorough housekeeping activities and revised MoD data management practices. It also said that it was likely that a large number of instances relate to records of the destruction of documents not being accurately maintained, rather than documents actually having gone missing. It said: “The surge in reported incidents from 2008 is largely attributable to two factors. Firstly, there is an increased awareness of the need to report data loss across the Department. Secondly, since the publication of the Data Handling Review and Burton Report, the MoD is now auditing its holdings of both personal data and removable media. [..] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Ministry of Defence reports more than 1, 500 data loss incidents in the last five years Jake Kouns (Apr 16)