This 2010 Ponemon Institute benchmark study, sponsored by Symantec Corporation, examines the costs incurred by 38 organisations after experiencing a data breach. Results were not hypothetical responses; they represent cost estimates for activities resulting from actual data loss incidents. This is the fourth annual study of this issue. Breaches included in the study ranged from…
Category: Commentaries and Analyses
GAO Report: “Information Security: IRS Needs to Enhance Internal Control over Financial Reporting and Taxpayer Data”
A new GAO report indicates that the IRS still needs to do more to improve security. The summary of their report, emphasis added by me: The Internal Revenue Service (IRS) has a demanding responsibility in collecting taxes, processing tax returns, and enforcing the nation’s tax laws. It relies extensively on computerized systems to support its…
Audit finds confidential data on NJ state computers sent to auction
Angela Delli Santi reports: Taxpayers’ Social Security numbers, confidential child abuse reports and personnel reviews of New Jersey workers nearly went to the highest bidder after the state sent surplus computers out for auction. Nearly 80 percent of surplus computers in a comptroller’s office sample had not been scrubbed of data before being shipped to…
Corporate data breach average cost hits $7.2 million
The cost of a data breach went up to $7.2 million last year, up from $6.8 million in 2009, with the average cost per compromised record in 2010 reaching $214, up 5% from 2009. The Ponemon Institute’s annual study of data loss costs this year looked at 51 organizations who agreed to discuss the impact of losing…
EU’s Hustinx: Data Protection Law Sanctions Should Mirror Competition Law
Jetty Tielemans writes: At a recent presentation in Frankfurt, Peter Hustinx, head of the European Data Protection Supervisor Office in Brussels, launched an intriguing idea: sanctioning violations of data protection law in the same manner as violations of competition law. The trade press regularly reports on multi-million euro fines for cartels or abuses of dominant…
Cambridge Who’s Who attempt to block former employee from discussing alleged data loss fails in court
Occasionally, we find out about a data breach via court filings instead of notifications or media coverage. This is one of those times, it seems. As far as I can determine, the incident discussed in the court case was not reported to the NYS Consumer Protection Board by either Cambridge Who’s Who or Proactive Technology…